Ethereum Real-world asset management platform Zoth The company has been hit by an 8:85 million dollar attack. Security experts say the hack was caused by a leak of private keys. This is the second attack the company has experienced in one month.
Which security firm upgraded the Zoth proxy contract Friday morning Cyvers called a "suspicious address.” Stablecoin worth $8.85 Million was found shortly thereafter USD0++ Before all the funds had been swapped in, the money was moved from the proxy contract to the wallet of the attacker. DAI Moved to another address. Later, the attacker exchanged stolen funds for 4.223. ETH ($8,300,800).
"Our team is actively investigating the situation alongside our security partners,” a spokesperson for Zoth told Decrypt. “We are committed to resolving the problem and mitigating the negative impact.
Security Notice
There has been a breach in security on our system. The incident is being investigated and we are taking the necessary steps to solve it as quickly as possible.
The issue is being addressed by our partners. A detailed…
— ZOTH (@zothdotio) March 21, 2025
It is also known as an aproxy contract. Smart contract that, among other things, forwards calls and funds to other contracts called implementation contracts to facilitate the smooth operation of business—this is very common in the world of DeFi.
This exploit appears to have enabled the attacker to gain access to the private keys for the proxy contracts, allowing them to change the address of the implementation contract to their wallet. The attacker was able to send all the money from the proxy contract directly to them.
A spokesperson for PeckShield Tell them to get on with it Decrypt.
Hakan Unal is a Senior Blockchain Scientist with Cyvers. He says that the attacker obtained admin access through a leak or an exploit. He also said it’s likely Zoth uses multiple proxy contract types, including This contract is for a reputable company. holding $12.28 million USYC—This means that if the admins share access, more funds are at risk.
Zoth has not commented on how the contract private key came into the hands the attackers, but they have told Decrypt It will provide an update after it finishes its investigation.
Cyvers said that a real-time monitor that alerted a company to any changes in admin roles, or contracts upgrades could have prevented this attack.
It appears that this is the second cyberattack to have hit the DeFi After a 6 March attack, the project had lost $285,000. It was a month-long project. The attack on March 6 had cost the project $285,000, and it took a full month to recover. According to Solidity Scan, an attacker was able to create ZeUSD by exploiting a vulnerability in a liquid pool.
Zoth has not responded to any of our emails. DecryptThe request from requesting comment about this second incident.
