
Zoth, a decentralized restaking protocol backed by prominent investors including Borderless Capital and Blockchain Founders Fund, has fallen victim to a major security breach. The exploit, which stemmed from a compromised contract, allowed an attacker to siphon $8.4 million from the platform, quickly converting the stolen funds into the stablecoin DAI.
Attack Linked to Upgraded Proxy Contract
The breach was first flagged by blockchain security firm Cyvers Alerts, which reported that the attack originated from a compromised deployer wallet. Just 30 minutes before the hack, a suspicious upgrade occurred on a proxy contract called “USD0PPSubVaultUpgradeable.” The upgrade was reportedly linked to a smart contract created by an address tied to the attacker.
According to Cyvers, the hacker was able to withdraw $8.4 million worth of stablecoin USD0++ and rapidly swapped the funds for DAI, effectively masking the stolen assets through a series of swift transactions.
“Zoth’s system has experienced a security breach,” the protocol confirmed in an official statement. “We are working closely with our partners to mitigate the impact and fully resolve the issue. A detailed report with a clear view will be shared once the investigation is complete.”
Website Taken Offline Amid Ongoing Investigation
Following the incident, Zoth’s website was taken down and placed in maintenance mode, likely as a precautionary measure in response to the breach. While no further technical specifics have been released, the community has been advised to remain cautious as investigations continue.
The attacker’s method—exploiting a contract upgrade mechanism—has raised fresh concerns about the security practices surrounding smart contract deployment and governance. This incident also highlights the potential dangers of proxy upgrades if not properly secured or monitored.
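One way to implement the upgrade monitoring this section calls for, as an added example (not from Zoth, Cyvers or the original article): a Python check over raw event logs that flags a proxy upgrade to an implementation outside an allowlist and any large transfer out of the proxy shortly afterwards. It assumes the proxy emits the ERC-1967 Upgraded(address) event and holds the tokens itself; the addresses, amounts, threshold and one-hour window are constructed placeholders.

```python
# Added example: flag unapproved proxy upgrades and large outflows after them.
# Event signature hashes (topic0) for the two standard events inspected here.
UPGRADED = "0xbc7cd75a20ee27fd9adebab32041f755214dbc6bffa90cc0225b39da2e5c2d3b"  # Upgraded(address), ERC-1967
TRANSFER = "0xddf252ad1be2c89b69c2b068fc378daa952ba7f163c4a11628f55a4df523b3ef"  # Transfer(address,address,uint256)

def pad(addr):
    """Left-pad a 20-byte address to a 32-byte indexed topic."""
    return "0x" + "0" * 24 + addr[2:]

def topic_addr(topic):
    """Recover the address from a 32-byte indexed topic."""
    return "0x" + topic[-40:].lower()

def review_logs(logs, proxy, approved_impls, window=3600, threshold=1_000_000):
    """Return alerts for upgrades to unapproved implementations and for
    transfers out of the proxy >= threshold within `window` seconds of one."""
    alerts, risky_since = [], None
    for log in sorted(logs, key=lambda l: l["ts"]):
        topics = log["topics"]
        if topics[0] == UPGRADED and log["address"] == proxy:
            impl = topic_addr(topics[1])
            if impl in approved_impls:
                risky_since = None          # back on a reviewed implementation
            else:
                risky_since = log["ts"]
                alerts.append(("UNAPPROVED_UPGRADE", log["ts"], impl))
        elif topics[0] == TRANSFER and topic_addr(topics[1]) == proxy:
            amount = int(log["data"], 16)   # assumption: proxy is the token sender
            recent = risky_since is not None and log["ts"] - risky_since <= window
            if recent and amount >= threshold:
                alerts.append(("OUTFLOW_AFTER_UPGRADE", log["ts"], amount))
    return alerts

# Constructed sample data: placeholder addresses, whole-token amounts.
PROXY, TOKEN, USER = "0x" + "aa" * 20, "0x" + "cc" * 20, "0x" + "bb" * 20
GOOD_IMPL, UNKNOWN_IMPL = "0x" + "11" * 20, "0x" + "ee" * 20

def transfer(ts, amount):
    return {"ts": ts, "address": TOKEN, "topics": [TRANSFER, pad(PROXY), pad(USER)],
            "data": "0x" + f"{amount:064x}"}

SAMPLE_LOGS = [
    {"ts": 1000, "address": PROXY, "topics": [UPGRADED, pad(GOOD_IMPL)], "data": "0x"},
    transfer(2000, 2_000_000),      # routine withdrawal, no risky upgrade pending
    {"ts": 10_000, "address": PROXY, "topics": [UPGRADED, pad(UNKNOWN_IMPL)], "data": "0x"},
    transfer(11_800, 8_400_000),    # 30 minutes after the unapproved upgrade
]

if __name__ == "__main__":
    for alert in review_logs(SAMPLE_LOGS, PROXY, {GOOD_IMPL}):
        print(alert)
```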
A Promising Protocol Faces Setback
Founded in January 2023 by Pritam Dutta and Koushik Bhargav, Zoth aimed to bridge traditional finance with DeFi by offering tokenized liquid notes backed by secure assets like U.S. Treasury bills and investment-grade bonds. In August 2024, the platform raised $4 million in funding from top investors including Taisu Ventures, G20, Fat Cat Ventures, GemHead Capital, and angels from Coinbase and Hedera. The project also received a grant from Ripple’s XRPL Foundation.
Zoth’s growth trajectory was seen as a promising step in institutional-grade DeFi. However, this breach casts a shadow over its security infrastructure and raises questions about how protocols handle key management and contract upgrades.
What’s Next?
As Zoth and its partners investigate the incident, the broader DeFi community is once again reminded of the importance of robust smart contract auditing, multi-signature security, and real-time monitoring systems. The outcome of the investigation and the protocol’s recovery efforts will be crucial in determining its future viability and user trust.
Further updates are expected from Zoth as its team finalizes an internal audit and works toward restoring platform operations.