Echo Protocol hit by $76.7M eBTC minting exploit

Echo Protocol reported a major security incident after an attacker minted about 1,000 unauthorized eBTC on the Monad-based protocol, creating roughly $76.7 million in synthetic Bitcoin. Blockchain security firms PeckShield and Lookonchain flagged the breach on Tuesday. Echo Protocol later said it was investigating a security issue tied to its bridge infrastructure and has suspended all cross-chain transactions pending the outcome. PeckShield said the attacker began moving funds through DeFi venues. The hacker deposited 45 eBTC, valued at about $3.45 million, into Curvance, then borrowed roughly 11.3 wrapped Bitcoin worth around $868,000 against the collateral before bridging assets to Ethereum. After arriving on Ethereum, the assets were swapped into ETH, and about 384 ETH—approximately $822,000—was routed through Tornado Cash. Most of the funds remain unmoved. DeBank data shows the attacker still controls about 955 eBTC, close to 95% of the stolen assets and worth roughly $73 million. Developer Marioo said the incident appears linked to a compromised admin private key rather than a smart-contract vulnerability, describing the failure as operational with the eBTC contract behaving as designed. Reported contributing weaknesses include reliance on a single-signature admin role, no timelock, no minting cap or rate limits, and a lack of supply validation checks for newly minted collateral on Curvance. Curvance said its smart contracts were not compromised and that it has paused the affected eBTC market while investigations continue. Monad co-founder Keone Hon said the Monad blockchain itself was unaffected and operating normally. The Echo Protocol attack adds to a string of recent DeFi incidents, alongside breaches involving THORChain, Verus Protocol's Ethereum bridge, Transit Finance, TrustedVolumes, and Ekubo.