Security Incident Report: 10th April, 2025

2025-04-10, Zoth
https://medium.com/@zoth.io/security-incident-report-10th-april-2025-4dd9ed72e869
#Zoth

Contents

Author: Zoth Security Team
Background
During our preliminary investigations, we have found that on Friday, 21st March 2025, the Zoth protocol platform for ZeUSD owned and operated by Metaco Intelligence Corporation, Panama was impacted by a sophisticated and well-planned cyberattack. Zoth’s systems detected multiple unauthorised transactions rapidly draining user collateral vaults on the ZeUSD platform.
The attack seems to have involved unknown malicious attacker(s) carrying out an orchestrated social engineering attack on the service provider, resulting in the compromise of the systems through which the attacker was able to carry out an unauthorized contract upgrade and gain control of an Admin-privileged private key.
The incident resulted in one of the ZeUSD sub-vaults being drained of crypto assets (USD0++) with an estimated value of approximately 8.45 million USD.
We were able to swiftly freeze crypto assets held in other sub-vaults, immediately safeguarding crypto assets amounting to around USD 20 million, and enforce a temporary freeze on …

IoC

c89d7894341e13d5067d003af5346b257d861f56