Decentralized finance protocol Echo Protocol suffered a $76.7 million exploit after an attacker minted 1,000 unauthorized synthetic Bitcoin (eBTC) tokens on the Monad blockchain. The incident stemmed from a compromised admin private key, not a smart contract bug. The hacker laundered a portion of the stolen funds through Curvance and Tornado Cash, but still holds $73 million worth of eBTC.
Echo Protocol was exploited after an attacker minted about 1,000 unauthorized eBTC on the protocol, which is deployed on the Monad blockchain. Blockchain security firm PeckShield and analytics platform Lookonchain both reported the incident, noting the minted eBTC was worth around $76.7 million. Echo Protocol stated, “We are currently investigating a security incident impacting the Echo bridge on Monad. All cross-chain transactions remain suspended while the investigation is underway.”
According to PeckShield, the attacker attempted to launder some funds by depositing $3.45 million worth of eBTC into DeFi lending protocol Curvance. The attacker borrowed $868,000 in wrapped Bitcoin, bridged it to Ethereum, swapped it for ETH, and sent $822,000 worth of ETH to the Tornado Cash mixing service. The attacker still holds 955 eBTC worth about $73 million, according to DeBank.
Blockchain developer “Marioo” reported that the root cause was an admin private key compromise, describing it as “operational, not technical.” The eBTC contract worked as designed, but vulnerabilities included a single signature for the admin role and no minting supply cap. Curvance reported it was aware of the anomaly and confirmed no compromise with its own smart contracts, pausing the affected market.
Monad co-founder Keone Hon clarified on X that “the Monad network is not affected and is operating normally.” This latest exploit comes in a month that has seen at least 12 protocols compromised, including THORChain, Verus Protocol, and Transit Finance. The year has been challenging for DeFi security, with dozens of protocols exploited for hundreds of millions.
