Zoth Re-Staking Protocol Hacked, $8.4 Million Stolen

The Zoth Real-World Asset re-staking platform was hacked and caused digital asset creators to lose more than $8.4 million. The platform needed to suspend daily operations to fix the issue and put its site into maintenance mode.

Cyvers discovered suspicious activity on March 21 when it found a compromised wallet related to the protocol. Cyvers reports the attacker quickly took out the stolen assets and switched them into DAI stablecoins before moving them to a new destination.

Zoth Collaborates with Partners to Resolve

The Zoth team confirmed the security breach after receiving news of the problem and told users they were taking action to fix it. Due to the security concern the team disabled the protocol website and works with partners to fix the problem and reduce customer harm.

After performing their investigation into the incident Zoth will publish one full report. Our team at Zoth continues to address the problem without giving specific details about when we will resolve the situation.

The intrusion followed an unexpected set of actions during its execution. Cyvers Alerts senior SOC lead Hakan Unal determined Zoth”s funds were stolen due to unauthorized access granted by admin privileges in their smart contract.

The Zoth smart contract was upgraded maliciously 30 minutes before anyone identified the breach by an unknown address. By updating the Zoth smart contract the attacker breached security guidelines for immediate access to all funds.

DeFi’s Weak Security Systems Pose Major Risks

This attack differed from common security vulnerabilities because it took advantage of the communication system”s supervision aspects. Investigation results from PeckShield show that the attacker transferred money from Zoth and exchanged it secretly for Ether.

Cyvers explains that this breach shows essential weaknesses in smart contract systems especially in Decentralized Finance. Unal said multisig upgrades combined with time delays would have featured as preventive measures against single-point security risks. The system should detect admin role adjustments instantly and enhance key management procedures to fight unauthorized entry.

Weak security systems create big risks for DeFi according to Unal despite his belief these risks can be minimized. Upgrade systems that operate independent of any central party will discourage hackers from stealing admin access to take control of projects.

The Zoth team follows the investigation process and works to ensure safety and trust in its ecosystem. The event shows us that secure decentralized systems remain difficult to protect against advanced cyberthreats.