RWA restaking protocol Zoth has become the latest victim of a cyber attack, with the hackers carting away $8.4 million.
According to blockchain security firm Cyvers, the attackers compromised Zoth’s deployer wallet, putting funds in jeopardy.
Zoth operates as a real-world asset (RWA) restaking protocol. It’s a service that lets people tie their cryptocurrency to real-world investments—like loans or bonds—through a process called restaking.
This setup allows users to earn rewards by connecting the traditional finance with the decentralized world of crypto. It is an innovative method to enhance digital wealth while maintaining a connection to more tangible assets.
Cyvers is a blockchain security company focused on protecting the cryptocurrency ecosystem from threats like hacks, scams, and suspicious activities. They specialize in monitoring the blockchain in real time, using advanced tools to spot trouble as it happens.
Their mission is to ensure the safety of users and platforms by proactively identifying risks before they escalate beyond control. They analyze transactions, track unusual movements of funds, and flag potential breaches, often sharing their findings through a system called Cyvers Alerts.
The attack kicked off in the early morning hours of March 21, 2025, per Cybers. The intruder targeted a key component of Zoth’s system called the “USD0PPSubVaultUpgradeable” proxy contract. They swapped it out for a new version tied to a suspicious address.
Moments later, the hacker siphoned off $8.4 million in USD0++, a cryptocurrency tied to the platform. Wasting no time, they converted all the stolen funds into $DAI, another digital currency, and shuffled it to a separate address to escape tracking.
In the wake of the attack, Zothdotio’s website has switched to maintenance mode. This likely means the team has locked things down to halt further losses and dig into what went wrong.
In a recent update, the protocol revealed they have secured 73% of their TVL with the help of asset issuer partners and are committed to sharing more updates.
To help recover the funds, Zoth has announced a $500,000 public bounty, calling on the community to provide actionable insight leading to the recovery of the stolen funds.
Crypto exchange Bybit, which was attacked in February, resulting in the loss of $1.4B has also launched a bounty program to disrupt the network of the attackers.
