RWA platform Zoth suffers second hack this month — loses $8.4M
Zoth, a real-world asset (RWA) restaking layer, has been hacked for $8.4 million of staked USD0++ after someone tampered with its proxy contract.
X user @0xtroll first spotted the exploit today. Blockchain security analyst Cyvers deduced that somebody using a suspicious address was able to tweak Zoth’s “USD0PPSubVaultUpgradeable” contract.
The hacker then withdrew $8.45 million worth of USD0++ before swapping it for DAI and back into ether (ETH), where 4,223 ETH (worth $8.29 million) currently sits.
Read more: ‘AI’ crypto trading agent, aixbt, hacked for $100K
Crypto analysts SlowMist also suggested that Zoth “admin privileges” were possibly leaked, leading to someone hacking Zoth by maliciously tampering with the logic contract.
Zoth was hacked earlier this month for $285,000 after attackers exploited a Uniswap V3 liquidity pool.
Zoth claims it is investigating the incident while attempting to resolve the issue and will release a detailed report afterward. The firm allows RWAs to be converted into collateralized debt positions and ZeUSD tokens that are backed by the RWA.
When contacted for comment, Zoth told Protos:
“Our team is actively investigating the situation alongside our security partners. While we understand the concern, we want to assure you that we are taking every necessary measure to mitigate the impact and resolve the issue.
“We believe in transparency and will be sharing an official statement once we have concrete findings.”
Got a tip? Send us an email securely via Protos Leaks. For more informed news, follow us on X, Bluesky, and Google News, or subscribe to our YouTube channel.