In March 2025, Zoth — a real-world asset (RWA) restaking protocol — was the victim of two hacks. While the first incident resulted in losses of $285k, the second was far more significant, with a price tag of $8.4 million.
Inside the Attack
The first Zoth hack of March 2025 was technically sophisticated — exploiting logical flaws within the protocol’s liquidity pool contracts. However, the second and larger of the two incidents was caused by yet another compromised private key.
The attacker gained access to the key that controlled the deployer address for the protocol’s proxy contract. With this, they were able to perform a malicious upgrade to the protocol’s contracts, providing assets to the assets that they held. This success was accomplished after many failed attempts that went undetected.
In total, the attacker was able to drain an estimated $8.4 million in USD0++ from the contract. This was then swapped to DAI stablecoin and moved to another address. A later swap converted the assets to ETH.
After the attack was identified, Zoth placed a bounty on the stolen assets. Anyone who helped reveal the identity of the person behind the attack and recover the stolen assets could receive a $500,000 bounty.
Lessons Learned from the Attack
The latter Zoth hack was one of many in 2025 that exploited weak private key security practices to steal assets from a project. By stealing private keys with wide-reaching permissions, an attacker can compromise projects and steal assets without the need to identify and exploit a smart contract vulnerability.
The root cause of these incidents is often a failure to implement strong off-chain security best practices. In most cases, compromised projects use a deployer or other privileged address that is protected by a single private key. This means that an attacker only needs to steal one private key or trick one signer into approving a malicious transaction to carry out their attack. In Zoth’s case, the privileges granted by the stolen key allowed a malicious upgrade to a smart contract that permitted the attacker to drain $8.4 million.
To protect against this type of attack, DeFi projects should protect critical accounts using multi-sig or MPC wallets. By requiring multiple private keys to approve a transaction, these wallets raise the difficulty for an attacker to carry out this type of attack. To learn more, check out our blog on private key security best practices.