The Zoth platform has suffered an $8.85 million exploit following unauthorized access to a private key. This is the second major security incident for Zoth in a month, highlighting ongoing vulnerabilities in DeFi protocols.
The Attack on Zoth
The attacker reportedly compromised the protocol’s deployer wallet, allowing them to upgrade the “USD0PPSubVaultUpgradeable” proxy contract to a contract under their control. This maneuver enabled them to withdraw $8.4 million in Zoth’s USD0++ stablecoin, which was quickly swapped for 8.3 million DAI and moved to an external address.
Proxy Contract Vulnerabilities
Proxy contracts are widely used in DeFi for upgradability, but they introduce a risk when the private keys that control upgrades are compromised. The unauthorized upgrade in Zoth’s case demonstrates how an attacker holding such a key can replace the contract logic and redirect funds without meeting any resistance. This breach follows a March 6 exploit in which Zoth lost $285,000 due to a liquidity pool vulnerability. Repeated security failures raise concerns about the platform’s risk management and could invite regulatory scrutiny.
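Because an upgrade like the one described above is visible on-chain, the defensive counterpart is to watch for implementation changes on a protocol's proxies and alert on any that did not go through change control. The monitor below is an added example, not code from the article or from Zoth; it assumes EIP-1967-style proxies (which emit Upgraded(address indexed implementation)), and the proxy and implementation addresses are constructed placeholders.

```python
"""Flag proxy implementation changes that were not pre-approved.

Assumes EIP-1967 style proxies, which emit Upgraded(address indexed implementation)
whenever the implementation slot changes. All addresses below are constructed placeholders.
"""
from dataclasses import dataclass

# keccak256("Upgraded(address)"), the event topic defined by EIP-1967.
UPGRADED_TOPIC = "0xbc7cd75a20ee27fd9adebab32041f755214dbc6bffa90cc0225b39da2e5c2d3b"

# Placeholder standing in for a vault proxy such as the one named in the article.
PROXY = "0x" + "0" * 39 + "a"
APPROVED_IMPL = "0x" + "0" * 39 + "b"    # went through review and change control
UNAPPROVED_IMPL = "0x" + "0" * 39 + "c"  # never reviewed: a swap to it is the alert case

WATCHED_PROXIES = {PROXY}
APPROVED_IMPLS = {APPROVED_IMPL}


@dataclass
class Alert:
    block: int
    proxy: str
    new_impl: str


def topic_to_address(topic: str) -> str:
    """An indexed address is ABI-encoded as a 32-byte word; the address is the low 20 bytes."""
    return "0x" + topic[-40:].lower()


def scan_logs(logs):
    """Return one Alert per Upgraded event on a watched proxy whose target is not approved."""
    alerts = []
    for log in logs:
        topics = log.get("topics", [])
        if not topics or topics[0].lower() != UPGRADED_TOPIC:
            continue  # not an Upgraded event
        proxy = log["address"].lower()
        if proxy not in WATCHED_PROXIES:
            continue  # someone else's proxy
        new_impl = topic_to_address(topics[1])
        if new_impl not in APPROVED_IMPLS:
            alerts.append(Alert(log["blockNumber"], proxy, new_impl))
    return alerts


# Constructed sample logs: one approved upgrade, one unreviewed swap, one unrelated event.
SAMPLE_LOGS = [
    {"address": PROXY, "blockNumber": 100, "topics": [UPGRADED_TOPIC, "0x" + "0" * 24 + APPROVED_IMPL[2:]]},
    {"address": PROXY, "blockNumber": 101, "topics": [UPGRADED_TOPIC, "0x" + "0" * 24 + UNAPPROVED_IMPL[2:]]},
    {"address": PROXY, "blockNumber": 102, "topics": ["0xdeadbeef"]},
]

if __name__ == "__main__":
    for a in scan_logs(SAMPLE_LOGS):
        print(f"block {a.block}: proxy {a.proxy} switched to unapproved implementation {a.new_impl}")
```

Such an alert cannot undo an upgrade already mined, so it complements, rather than replaces, putting the proxy admin behind a multisig and a timelock so that the swap itself has to wait.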
Security Measures and Response
In response, Zoth has placed its website in maintenance mode and is working with security partners to assess the damage and prevent further exploits.
The incident with Zoth underscores the need for stricter security measures in DeFi to protect platforms and users from financial losses.