
Zoth Loses $8.4M in Exploit Following Proxy Contract Upgrade
Real-world asset (RWA) restaking platform Zoth has been exploited for approximately $8.4 million, adding to concerns about DeFi security.
On March 21, blockchain security firm Cyvers Alerts reported that a deployer wallet linked to the attacker enabled the attack. The attack took the form of an upgrade of the “USD0PPSubVaultUpgradeable” contract, which allowed the malicious actor to drain funds.
Attacker Swaps Funds for DAI, Then ETH
The stolen USD0++ stablecoins were quickly exchanged for DAI and transferred to another wallet. According to PeckShield, the funds were then exchanged for Ether (ETH).
The Zoth site was temporarily taken offline following the incident. The team confirmed the attack on X (formerly Twitter) and stated that they were investigating and would post a detailed report.
“Our system has been hacked. We are working together closely with our partners to stem the damage,” Zoth posted.
Zoth’s Background and Capitalization
Founded in January 2023 by Pritam Dutta and Koushik Bhargav, Zoth raised $4 million in August 2024. The capital went toward the development of ZeUSD, a stablecoin backed by tokenized US Treasury bills and corporate bonds.
Investors included Borderless, Blockchain Founders Fund, Taisu Ventures, G20, and Ripple’s XRPL Foundation, among others.
DeFi Security Under Attack in 2025
The Zoth hack is the latest in a string of concerning attacks in the cryptocurrency world. February 2025 saw over $1.5 billion stolen in high-profile hacks, led by the record-setting Bybit hack by the Lazarus Group.
That attack used a malicious Safe UI and social engineering to drain over $1.46 billion. Other February victims included:
- Ionic Money: $8.6M stolen through LBTC collateral manipulation
- zkLend: $9.5M lost due to a smart contract rounding bug
- Infini: Nearly $50M drained by a rogue developer through a compromised key
These incidents highlight the need for stronger security measures in DeFi, including proper audits and continuous monitoring of protocol updates.
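One way to monitor upgrades of the kind described above, as an added example that is not code from Zoth or from any of the firms quoted: it scans event logs for proxy upgrades and alerts when the new implementation was never approved. It assumes the vault sits behind an ERC-1967-style proxy that emits the standard Upgraded(address) event; the allowlist, addresses, hashes and log entries are constructed.

```python
# Added example; every address, hash and log entry here is constructed.
# keccak256("Upgraded(address)"): topic0 of the ERC-1967 upgrade event.
UPGRADED_TOPIC = "0xbc7cd75a20ee27fd9adebab32041f755214dbc6bffa90cc0225b39da2e5c2d3b"

PROXY = "0x" + "a1" * 20          # watched vault proxy (constructed)
REVIEWED_IMPL = "0x" + "b1" * 20  # implementation that passed review
UNKNOWN_IMPL = "0x" + "ee" * 20   # implementation nobody approved
APPROVED = {PROXY: {REVIEWED_IMPL}}  # hypothetical allowlist per proxy

def topic_to_address(topic):
    """Indexed addresses are left-padded to 32 bytes; keep the low 20."""
    raw = topic.lower()
    raw = raw[2:] if raw.startswith("0x") else raw
    if len(raw) != 64 or raw[:24] != "0" * 24:
        raise ValueError("not a padded address topic: " + topic)
    return "0x" + raw[24:]

def find_unapproved_upgrades(logs, approved=APPROVED):
    """Alert on each Upgraded event from a watched proxy whose new
    implementation is missing from that proxy's approved set."""
    alerts = []
    for log in logs:
        proxy, topics = log["address"].lower(), log.get("topics", [])
        if proxy not in approved or len(topics) < 2:
            continue
        if topics[0].lower() != UPGRADED_TOPIC:
            continue
        impl = topic_to_address(topics[1])
        if impl not in approved[proxy]:
            alerts.append({"proxy": proxy, "implementation": impl,
                           "tx": log["transactionHash"],
                           "block": int(log["blockNumber"], 16)})
    return alerts

def make_log(address, topic0, impl, n):  # shape of an eth_getLogs entry
    return {"address": address, "blockNumber": hex(100 + n),
            "transactionHash": "0x" + format(n, "064x"),
            "topics": [topic0, "0x" + "0" * 24 + impl[2:]]}

SAMPLE_LOGS = [
    make_log(PROXY, UPGRADED_TOPIC, REVIEWED_IMPL, 1),            # approved
    make_log(PROXY, UPGRADED_TOPIC, UNKNOWN_IMPL, 2),             # alert
    make_log("0x" + "c3" * 20, UPGRADED_TOPIC, UNKNOWN_IMPL, 3),  # unwatched
    make_log(PROXY, "0x" + "11" * 32, UNKNOWN_IMPL, 4),           # other event
]

if __name__ == "__main__":
    for alert in find_unapproved_upgrades(SAMPLE_LOGS):
        print("UNAPPROVED UPGRADE", alert)
```

Such a check only shortens response time; pairing it with a timelock or multisig on the upgrade path is what leaves room to act on the alert.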