{"id":22308,"date":"2025-03-21T19:15:00","date_gmt":"2025-03-21T17:15:00","guid":{"rendered":"https:\/\/forklog.com\/en\/zoth-protocol-suffers-8-4-million-hack\/"},"modified":"2025-03-21T19:15:00","modified_gmt":"2025-03-21T17:15:00","slug":"zoth-protocol-suffers-8-4-million-hack","status":"publish","type":"post","link":"https:\/\/u1f987.com\/en\/zoth-protocol-suffers-8-4-million-hack\/","title":{"rendered":"Zoth Protocol Suffers $8.4 Million Hack"},"content":{"rendered":"<p>On March 21, hackers targeted the real-world asset restaking protocol (RWA) Zoth. According to Cyvers Alerts, the damage amounted to approximately $8.4 million in cryptocurrency.\u00a0<\/p>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"en\" dir=\"ltr\">?ALERT?Our system has detected a suspicious transaction involving <a href=\"https:\/\/twitter.com\/zothdotio?ref_src=twsrc%5Etfw\">@zothdotio<\/a>. It appears that the protocol&#8217;s deployer wallet has been compromised.<\/p>\n<p>30 minutes ago, the proxy contract &#8220;USD0PPSubVaultUpgradeable&#8221; was upgraded to a contract created by a suspicious address.<br \/>The\u2026 <a href=\"https:\/\/t.co\/3OHmvJYpR5\">pic.twitter.com\/3OHmvJYpR5<\/a><\/p>\n<p>\u2014 ? Cyvers Alerts ? (@CyversAlerts) <a href=\"https:\/\/twitter.com\/CyversAlerts\/status\/1903021017460600885?ref_src=twsrc%5Etfw\">March 21, 2025<\/a><\/p><\/blockquote>\n<p> <script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>Analysts noticed the suspicious transaction 30 minutes after it occurred. The company noted that the perpetrator withdrew funds in the stablecoin USD0++, almost immediately converted them to DAI, and transferred them to another address.<\/p>\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"419\" src=\"https:\/\/u1f987.com\/wp-content\/uploads\/Total-Loss-8.8M-1024x419.jpg\" alt=\"Total-Loss-8.8M\" class=\"wp-image-254667\" srcset=\"https:\/\/u1f987.com\/wp-content\/uploads\/Total-Loss-8.8M-1024x419.jpg 1024w, https:\/\/u1f987.com\/wp-content\/uploads\/Total-Loss-8.8M-300x123.jpg 300w, https:\/\/u1f987.com\/wp-content\/uploads\/Total-Loss-8.8M-768x314.jpg 768w, https:\/\/u1f987.com\/wp-content\/uploads\/Total-Loss-8.8M.jpg 1463w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><figcaption class=\"wp-element-caption\">Scheme of the movement of stolen funds. Data: X.<\/figcaption><\/figure>\n<p>Preliminary analysis suggests the incident was due to a vulnerability in the protocol&#8217;s smart contracts. Cyvers Alerts representative Hakan Unal told <a href=\"https:\/\/cointelegraph.com\/news\/zoth-exploit-admin-leak-causes-8m-losses\">Cointelegraph<\/a> that the hack was likely caused by an administrator rights leak.\u00a0<\/p>\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p>\u201cUnlike typical exploits, this method bypassed security mechanisms and instantly provided full control over user funds,\u201d he explained.\u00a0<\/p>\n<\/blockquote>\n<p>Zoth confirmed the attack but has yet to release details. At the time of writing, the RWA protocol&#8217;s website is under maintenance.\u00a0<\/p>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"en\" dir=\"ltr\">Security Notice<\/p>\n<p>Our system has experienced a security breach. We\u2019re actively investigating the incident and taking all necessary steps to resolve it as swiftly as possible.<\/p>\n<p>We are working closely with our partners to mitigate the impact and fully resolve the issue. A detailed\u2026<\/p>\n<p>\u2014 ZOTH (@zothdotio) <a href=\"https:\/\/twitter.com\/zothdotio\/status\/1903024419028734265?ref_src=twsrc%5Etfw\">March 21, 2025<\/a><\/p><\/blockquote>\n<p> <script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>Earlier in March, South Korea&#8217;s Wemix Foundation <a href=\"https:\/\/u1f987.com\/en\/news\/wemix-clarifies-delay-in-disclosing-6-2-million-hack\">disclosed<\/a> a major hack amounting to $6.2 million, which occurred at the end of February.\u00a0<\/p>\n","protected":false},"excerpt":{"rendered":"<p>On March 21, hackers targeted the real-world asset restaking protocol (RWA) Zoth. According to Cyvers Alerts, the damage amounted to approximately $8.4 million in cryptocurrency.\u00a0 ?ALERT?Our system has detected a suspicious transaction involving @zothdotio. It appears that the protocol&#8217;s deployer wallet has been compromised. 30 minutes ago, the proxy contract &#8220;USD0PPSubVaultUpgradeable&#8221; was upgraded to a [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":22307,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"select":"","news_style_id":"","cryptorium_level":"","_short_excerpt_text":"","creation_source":"","_metatest_mainpost_news_update":false,"footnotes":""},"categories":[3],"tags":[44,1308],"class_list":["post-22308","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news-and-analysis","tag-cybercrime","tag-rwa"],"aioseo_notices":[],"amp_enabled":true,"views":"41","promo_type":"","layout_type":"","short_excerpt":"","is_update":"","_links":{"self":[{"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/posts\/22308","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/comments?post=22308"}],"version-history":[{"count":0,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/posts\/22308\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/media\/22307"}],"wp:attachment":[{"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/media?parent=22308"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/categories?post=22308"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/tags?post=22308"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}