🚨 Attack on Zoth RWAs🚨
The USD0PPSubVaultUpgradeable proxy was hacked!
The attacker compromised the deployer key, performed a malicious upgrade, and stole $8.49 million in USD0++ to the address 0x3b33...01E5.
The attacker used the CoW Protocol to convert the stolen USD0++. The process involved swapping to USDC, then to DAI, which was crucial for handling USD0++'s low liquidity and avoiding slippage in swaps of such large amounts, like the $8.49M transaction!
🤔 What is the CoW Protocol?
It’s a liquidity aggregator that finds the best rates across various DEXs, optimizes swaps, reduces gas fees, and protects against MEV attacks. This protocol is ideal for tokens like USD0++, which may have low liquidity and require an optimized approach.
The transaction analysis shows internal transactions in liquidity sourcing, contract interactions (such as GPv2Settlement), and optimized swaps. CoW found more efficient swap routes, minimizing losses and speeding up the process.
TXhash: 0x8caa5daec03c1c7e40979e61385782e20766eb7878ac60d29df7dc3781e814fe
The last update on the hack’s movement was the swap of DAI > ETH. The attacker swapped USDC for DAI again via CoW and then swapped the DAI for 4.223 ETH (~$8.3M) using the address 0x7b0c...60cf.
ZOTH is offering a $500k reward!
📊 Check wallet balance: 4.223 ETH, worth $8.83M:
https://etherscan.io/address/0x7b0cd0D83565aDbB57585d0265b7D15d6D9f60cf
