In brief – Attackers minted 1,000 eBTC on Echo Protocol’s Monad blockchain deployment before borrowing and moving funds across chains. – Echo Protocol said a compromised admin key enabled the unauthorized minting activity and estimated losses at roughly $816,000. – The exploit…
rks the latest in a string of DeFi attacks that have raised concerns around cross-chain and protocol security. Bitcoin liquidity aggregation and yield infrastructure layer, Echo Protocol, was hit by an exploit on its deployment on the Monad blockchain after an attacker minted 1,000 unauthorized eBTC worth approximately $77 million, with around $816,000 ultimately laundered through coin mixer Tornado Cash
Blockchain security firm PeckShield flagged the incident, citing onchain sleuth dcfgod, noting the attacker “minted 1k $eBTC ($76.7M) &, utilizing the tested flow, deposited 45 $eBTC ($3.45M) into Curvance.” The hacker then borrowed approximately 11.29 WBTC ($867,700) against the collateral, bridged the WBTC to Ethereum, swapped them for ETH, and sent 384 ETH (~$821,700) to Tornado Cash. Echo Protocol confirmed the breach in a Tuesday tweet, saying its investigation “indicates the issue originated from a compromised admin key affecting the Monad deployment.” Earlier today, Echo Protocol identified unauthorized activity involving eBTC on Monad that resulted in unauthorized minting and associated fund loss. Our investigation indicates the issue originated from a compromised admin key affecting the Monad deployment.
Based on current… — Echo Protocol (@EchoProtocol_) May 19, 2026 “Based on current findings, approximately $816K was impacted on Monad. The Monad network itself was not impacted and continues to operate normally,” the team said, adding it has “successfully regained control of our admin keys and burnt the remaining 955 eBTC that was in the attacker’s possession.” Decrypt has reached out to Echo Protocol for comment. The exploit follows a familiar admin-key pattern that has plagued…