Bitcoin-focused DeFi protocol Echo hit by exploit on Monad, eBTC market compromised

CoinDesk reports that Echo, a bitcoin-centric decentralized finance protocol, suffered an attack on Monday, the latest in a string of DeFi incidents this year. The underlying vulnerability has yet to be confirmed and was first flagged by an anonymous crypto influencer. At about 5:55 p.m. ET, DCF God posted the alert on X, followed by several onchain analysis accounts that shared additional context. ChainLens said the attacker minted 1,000 eBTC—Echo's bitcoin liquidity token issued on Monad—then posted 45 eBTC as collateral in the Curvance lending protocol and borrowed roughly 11.29 WBTC, valued near $867,700 at the time. The WBTC was bridged to Ethereum, swapped for ETH, and 385 ETH was sent to the Tornado Cash mixer. Reports say the attacker still holds 955 eBTC worth about $73.2 million. Lookonchain founder Nick Sawinyh wrote that "the remaining 99% of the fake supply is held in the attacker's wallet, as Monad's lending and decentralized exchange (DEX) depth can no longer accommodate more." Monad and Curvance later acknowledged the issue. Monad cofounder Keone Hon said security researchers are investigating and stressed the network itself was not impacted. In a follow-up post, Hon said reviewers estimate around $816,000 was stolen via the exploit of Echo's eBTC. Curvance said its fully independent market architecture insulated other markets and that there is no indication its smart contracts were compromised. As a precaution, it suspended the affected Echo eBTC market. Echo is a multichain BTCFi protocol that started as a bitcoin liquidity and yield platform and has a significant footprint on Aptos. Prior to the Echo incident, DeFi protocols had already seen 13 security breaches this month. DeFi Llama lists, among them, the May 17 exploitation of Verus's Ethereum bridge, which led to $11.6 million in losses. This story is developing.