The RWA lending protocol Zoth has confirmed a significant security breach, prompting an immediate investigation into the incident. An official announcement was made through social media platform X (formerly known as Twitter) stating, “Our system has experienced a security breach. We’re actively investigating the incident and taking all necessary steps to resolve it as swiftly as possible.”
As per Wu Blockchain, Cyvers Alerts carried out an investigation and it seems like the deployer wallet associated with the Zoth protocol may have been compromised. Approximately an hour before the announcement, a proxy contract named “USD0PPSubVaultUpgradeable” was upgraded to a version created by a suspicious address.
This upgrade allegedly allowed the attacker to withdraw around $8.4 million in USD0++ assets, which were swiftly converted into DAI and transferred to another address.
In response to the attack, Zoth has placed its official website into maintenance mode, as a precautionary measure related to the ongoing investigation. The team is collaborating closely with partners to mitigate the impact of the breach and aims to provide a detailed report once the investigation is completed.
Zoth has never faced such a major security breach in the past. However, Zoth has previously conducted rigorous security audits and implemented measures like KYC/KYB services to increase the platform’s safety and compliance, which indicates a proactive approach toward mitigating risks.
This Zoth protocol attack has resulted in a theft of $8.4 million. This theft indicates the growing security breaches in the decentralized finance (DeFi) space. Unlike traditional data breaches that usually target personal information, this incident directly impacted the financial asset by exploiting a vulnerability in its proxy contract.
Even though the monetary loss is significant within the crypto space, it is still smaller when compared to other massive breaches in the industry. As DeFi platforms grow, such incidents serve as a reminder of the need for stringent security protocols and vigilant monitoring against potential threats.
Zoth’s commitment to user safety and transparency will be crucial as the protocol makes its way through this difficult time.