Ethereum DeFi Platform Zoth Hit By $8.85 Million Hack

Ethereum real-world asset platform Zoth has suffered an attack that resulted in the loss of $8.85 million. Security experts believe the hack, the second suffered by the company in a month, came about as the result of a private key leak.

On Friday morning, a Zoth proxy contract was upgraded by what security firm Cyvers called a "suspicious address.” Soon thereafter, $8.85 million worth of stablecoin USD0++ was transferred out of the proxy contract into the attackers wallet before all funds were swapped into DAI and moved to another address. The attacker later swapped the stolen funds for 4,223 ETH ($8,300,800).

"Our team is actively investigating the situation alongside our security partners,” a spokesperson for Zoth told Decrypt. “We want to assure you that we are taking every necessary measure to mitigate the impact and resolve the issue.”

A proxy contract is a smart contractsmart contract that, among other things, forwards calls and funds to other contracts called implementation contracts to facilitate the smooth operation of business—this is very common in the world of DeFi.

In this exploit, it appears the attacker gained access to the private key for the proxy contract which enabled them to update it, changing the implementation contract address to their own wallet. This then allowed for all of the funds from inside the proxy contract to be sent directly to the attacker.

“This type of attack typically occurs when an attacker gains unauthorized access to the private keys controlling a wallet or smart contract, allowing them to transfer funds out of the system,” a spokesperson for PeckShield told Decrypt.

AiXBT Token Falls 20% After AI Influencer Hacked for $100K in Ethereum

Popular AI bot and influencer AiXBT fell victim to a security breach that resulted in the loss of 55.5 ETH—around $105,000 worth at the current price of Ethereum. The funds were allegedly taken by the creator of a since-deleted X (formerly Twitter) account called FungusMan, which was able to queue malicious X replies into AiXBT’s autonomous response system, generating a tip of 55.5 ETH from the agent’s Simulacrum wallet—a wallet that allows users to generate on-chain actions via social media pos...

“The attacker gained admin access, likely through a leaked key or exploit,” according to Hakan Unal, Senior Blockchain Scientist at Cyvers. He added that it is likely that Zoth has multiple proxy contracts, such as this contract holding $12.28 million USYC—meaning more funds could also be at risk if they share the same admin access.

Zoth did not comment on how the contract’s private key fell into the hands of the attacker, but told Decrypt that it will release an update once it has finished its investigation. 

Biggest Crypto Hacks of All Time

Despite maturing to the point of becoming a multi-trillion-dollar asset class, the crypto world is still ripe with hacks and scams. In fact, the worst one ever just happened. Malicious actors looking to take advantage of inexperienced users or insecure crypto protocols have found ample opportunity, siphoning off more than $10 billion in funds in the last 5 years according to Chainalysis. And six out of the last 11 years have seen over $1 billion worth of losses to hacks and exploits, peaking in...

Cyvers suggested that setting up real-time monitoring that alerted the company when admin roles or contract upgrades were made could have helped prevent this attack.

This appears to be the second hack to hit the DeFiDeFi project in the space of a month, after the project lost $285,000 as the result of a March 6 attack. This came about as a result of an exploit in a liquidity pool that allowed the attacker to mint ZeUSD without depositing sufficient collateral, according to smart contract auditing firm Solidity Scan.

Zoth did not respond to Decrypt’s request for comment on this second attack.