What happened in the Echo Protocol exploit?

Echo Protocol suffered a major exploit after an attacker minted roughly 1,000 unauthorised eBTC tokens worth around $76.7 million on the Monad network.

Was the Echo Protocol exploit caused by a smart contract bug?

No. Blockchain developer Marioo said the exploit resulted from a compromised admin private key rather than a flaw in the protocol’s smart contracts. The issue was described as operational rather than technical.

How did the attacker move the stolen funds?

The attacker reportedly deposited part of the stolen eBTC into Curvance, borrowed wrapped Bitcoin against it, bridged funds to Ethereum and later sent Ether through Tornado Cash.

How much crypto does the attacker still control?

Investigators said the attacker still holds roughly 955 eBTC worth around $73 million. Only a smaller portion of the stolen funds had been laundered at the time of reporting.

Why is an admin private key compromise dangerous?

Admin private keys often control critical protocol functions such as minting, upgrades or treasury access. If compromised, attackers can bypass normal user protections and manipulate protocol operations directly.

What weaknesses reportedly contributed to the exploit?

Researchers cited several issues including a single-signature admin setup, no timelock protections, no minting caps and insufficient collateral verification for newly minted assets.

What is eBTC in the Echo Protocol ecosystem?

eBTC is a synthetic Bitcoin asset created within Echo Protocol for use in decentralised finance applications such as staking, liquidity and yield generation.

Was the Monad blockchain itself hacked?

No. Keone Hon said the Monad network itself was operating normally and was not directly compromised.

Image for illustrative purposes only. Not a real photo.

Echo Protocol exploit drains $77M in eBTC

Written by Heidi Cuthbert Published May. 19 2026Last Updated May. 19 2026

Echo Protocol suffered a major exploit after an attacker minted approximately 1,000 unauthorised eBTC tokens worth around $76.7 million on the Monad network.

Blockchain security firms PeckShield and Lookonchain reported that the attacker exploited the protocol before laundering part of the stolen assets through multiple DeFi platforms and mixing services.

“We are currently investigating a security incident impacting the Echo bridge on Monad,”

Echo Protocol said while confirming that all cross-chain transactions had been suspended during the investigation.

According to investigators, the attacker deposited roughly 45 eBTC into Curvance before borrowing wrapped Bitcoin, bridging the funds to Ethereum and converting assets into Ether sent through Tornado Cash.

Blockchain developer Marioo said the incident resulted from a compromised admin private key rather than a flaw in Echo Protocol’s smart contracts, describing the issue as “operational, not technical.”

The report highlighted several weaknesses including a single-signature admin structure, no timelock protections, no minting limits and insufficient collateral verification controls on newly minted eBTC.

Curvance said its own smart contracts were not compromised but confirmed it paused the affected market after detecting abnormal activity, while Keone Hon stated the Monad network itself continued operating normally.

The exploit adds to a growing wave of decentralised finance security incidents in 2026 following major hacks involving protocols including THORChain, Drift Protocol, Kelp DAO and Verus Protocol.

At the time of reporting, Bitcoin price was $76,739.11.