Bitcoin DeFi Platform Echo Protocol Hit By $76M Monad Exploit
Echo Protocol, a Bitcoin liquidity and yield infrastructure project, suffered an exploit on its deployment on the Monad blockchain after an attacker used a compromised admin key to mint 1,000 unauthorized eBTC worth about $77 million. Approximately $816,000 was ultimately laundered through Tornado Cash. The attacker collateralized some of the illicit eBTC on Curvance, borrowed WBTC, bridged it to Ethereum, swapped it for ETH, and funneled the funds through Tornado Cash. Echo Protocol stated the vulnerability was due to a compromised admin key, but has since regained control, burned the remaining stolen eBTC, and paused affected contracts. The exploit was limited to Monad; no impact was reported on its Aptos deployment. Industry experts cited growing risk from off-chain and admin-key vulnerabilities in DeFi. Echo has paused cross-chain and lending operations, upgraded contracts, and is reviewing security procedures. The incident highlights ongoing DeFi security concerns and emphasizes the need for improved key management and operational security practices.
