Zoth Suffers $8.85M Hack, Second in March

On March 21, the Ethereum-based real-world asset (RWA) protocol Zoth experienced its second significant security breach within a month, resulting in the loss of $8.85 million in digital assets. The attack involved the compromise of an admin key, which allowed the hacker to gain control of a Zoth proxy contract. By upgrading the contract, the attacker enabled unauthorized fund transfers, draining $8.85 million in USD0++ stablecoins. These funds were subsequently converted into 4,223 ETH and moved to an external wallet.

Zoth has confirmed the breach and is actively working with security experts to investigate the incident. The company has also offered a $500,000 bounty for information leading to the identification of the hacker responsible for the exploit. In response to the security breach, Zoth has assured users that steps are being taken to mitigate the impact and has pledged to release a full report once the investigation is complete.

This latest incident marks the second exploit targeting Zoth this month. On March 6, an attacker exploited a vulnerability in one of its liquidity pools, minting synthetic assets without sufficient collateral and causing a $285,000 loss. Security experts suggest that the breach could have been prevented with better key management and real-time monitoring. They warn that additional funds may be at risk if other contracts within the platform share the same admin access.

Zoth has not disclosed whether it will reimburse affected users but has stated its commitment to strengthening security measures to prevent future incidents. The incident underscores the continued risks facing decentralized finance platforms, particularly those reliant on centralized admin controls. Blockchain security firms have noted a rise in sophisticated key compromises, with significant losses reported in DeFi-related exploits over the past five years.

The company has not commented on how the attacker may have obtained the private key but has pledged to provide updates once the investigation concludes. The ongoing investigation and the company's response to the breach will be crucial in restoring user confidence and preventing similar incidents in the future.