Unal said that about 30 minutes before the hack was detected, a Zoth contract was upgraded to a malicious version deployed by a suspicious address. “Unlike typical exploits, this method bypassed security mechanisms and gave full control over user funds instantly,” the security professional said. The security professional told Cointelegraph that this type of attack could be prevented by implementing multisig contract upgrades to prevent single-point failures, adding timelocks on upgrades to allow monitoring and placing real-time alerts for admin role changes.
Source: PeckshieldRelated: SMS scammers posing as Binance have an even trickier way to fool victimsHack likely caused by admin privilege leakIn a statement, the Cyvers team said the incident highlights vulnerabilities in smart contract protocols and the need for better security. Cyvers Alerts senior SOC lead Hakan Unal told Cointelegraph that a leak in admin privileges likely caused the hack.
The security firm said that the protocol’s deployer wallet was compromised and that the attacker withdrew over $8.4 million in crypto assets. The blockchain security firm said that within minutes, the stolen assets were converted into the DAI stablecoin and were transferred to a different address. Cyvers added the protocol’s website had been maintained in response to the incident.
or
Share This Story
Article Details
Author / Journalist: Cointelegraph by Ezra Reguerra
The story "Hacker steals $8.4M from RWA restaking protocol Zoth" has 415 words across 20 sentences, which will take approximately 2 - 4 minutes for the average person to read.
Which news outlet covered this story?
The story "Hacker steals $8.4M from RWA restaking protocol Zoth" was covered 1 days ago by Coin Telegraph, a news publisher based in United States.
How trustworthy is 'Coin Telegraph' news outlet?
Coin Telegraph is a fully independent (privately-owned) news outlet established in 2013 that covers mostly crypto news.
The outlet is headquartered in United States and publishes an average of 5 news stories per day.
It's most recent story was published 8 hours ago.
What do people currently think of this news story?
The sentiment for this story is currently Neutral, indicating that people are not responding positively or negatively to this news.
How do I report this news for inaccuracy?
You can report an inaccurate news publication to us via our contact page. Please also include the news #ID number and the URL to this story.
