Decentralized protocol Zoth was hit by a hack through a compromised contract, and the attacker made off with more than $8 million, quickly turning it into DAI.

Zoth, a restaking protocol backed by Borderless and Blockchain Founders Fund, has reportedly suffered a security breach that led to the draining of $8.4 million in assets. According to an alert from blockchain security firm Cyvers Alerts, the protocol’s deployer wallet was compromised, triggering the suspicious transaction.

According to the alert, 30 minutes before the attack, a proxy contract called “USD0PPSubVaultUpgradeable” was upgraded, with the upgrade linked to a contract created by an address associated with the suspected attacker. Per initial estimates, the attacker withdrew $8.4 million in stablecoin USD0++.

It appears that the stolen funds were quickly converted as within minutes, all stolen assets were swapped for the DAI (DAI) stablecoin and transferred to another address. As a result of the breach, the Zoth website was taken down and is currently in maintenance mode. The maintenance seems to be a precautionary response to the ongoing security concerns, although no official confirmation on the extent of the breach has been provided.

Following the attack, Zoth issued a statement, saying that the protocol’s system “has experienced a security breach.”

“We are working closely with our partners to mitigate the impact and fully resolve the issue. A detailed report with a clear view will be shared once the investigation is complete.”

ZOTH

As of now, the community remains on alert as the platform works to resolve the issue. Further updates are expected as more information becomes available.

Founded in January 2023 by Pritam Dutta and Koushik Bhargav, Zoth raised $4 million in August 2024 to launch its tokenized liquid note, backed by secure assets like U.S. Treasury Bills and top-rated corporate bonds. The funding round saw support from investors like Taisu Ventures, G20, Fat Cat Ventures, and GemHead Capital, along with top angels from Coinbase and Hedera, and a grant from Ripple’s XRPL Foundation.