Zoth faces $8.85 Million Loss Due to Security Breach
Zoth, an Ethereum-based platform for real-world assets, has fallen victim to an $8.85 million exploit. Attackers gained access to a private key, compromising the platform’s security.
This incident is the second major breach for Zoth in just a month, underscoring the vulnerabilities in DeFi protocols. The attackers exploited the deployer wallet, upgrading a proxy contract to one they controlled.
Consequently, they withdrew $8.4 million in Zoth’s USD0++ stablecoin. This was swiftly converted into 8.3 million DAI and transferred to an external address. You can read more about the incident on Twitter.
In response, Zoth has taken its website offline for maintenance. The team is collaborating with security experts to evaluate the damage and prevent future attacks.
Proxy contracts, common in DeFi for upgradability, pose risks when private keys are compromised. This breach shows how attackers can alter contract logic to redirect funds.
Previously, on March 6, Zoth lost $285,000 due to a liquidity pool vulnerability. Thes repeated security issues raise concerns about the platform’s risk management and may lead to regulatory attention.
