
The Zoth protocol has reported a targeted attack in which an unauthorized actor gained access to a privileged account and replaced the legitimate smart contract with a malicious one. This breach enabled the attacker to siphon approximately $8.4 million from one of the Segregated Vaults, where the USD0++ token was used as collateral.
The attack was carefully orchestrated in advance. Blockchain activity reveals that the perpetrator spent several weeks laying the groundwork—funding wallets, deploying contracts, and conducting unsuccessful attempts to breach the system. On March 21, one such attempt finally succeeded. Following the theft, the attacker swiftly converted the stolen funds—first into DAI, then into ETH.
At present, the misappropriated assets reside at the address 0x7b0cd0D83565aDbB57585d0265b7D15d6D9f60cf. The Zoth team has launched an in-depth investigation, enlisting external experts and the firm Crystal Blockchain BV to trace the movement of the funds and pursue potential recovery.
According to Zoth, 73% of the total value locked (TVL) was successfully secured immediately after the breach, thanks in part to the swift response of Zoth’s partners, including asset issuers. The team emphasized its unwavering commitment to transparency and has pledged to release continual updates as new details emerge.
A comprehensive incident report is slated for publication in the coming weeks. Additionally, Zoth has announced a $500,000 bounty for any actions that lead to the recovery of the stolen funds.
The team expressed its gratitude to the community, investors, and partners for their steadfast support and patience during this critical period. Despite the severity of the breach, the platform remains operational, with the restoration of security and the retrieval of stolen assets identified as top priorities.