Echo Protocol, a Bitcoin-focused DeFi platform, suffered an admin key compromise on its Monad blockchain deployment on Tuesday. An attacker gained access to the admin key, granted themselves admin roles on the eBTC contract, and minted 1,000 eBTC worth approximately $76.7 million. They deposited 45 eBTC as collateral on Curvance, borrowed 11.29 WBTC (~$867K), bridged to Ethereum, swapped to ETH, and routed ~385 ETH through Tornado Cash. The remaining 955 eBTC sat unused due to insufficient liquidity depth on Monad to sell. Echo's team regained control, burned the 955 eBTC, and shut down cross-chain functionality, limiting the realized loss to approximately $816,000. Monad co-founder Keone Hon confirmed the network itself was unaffected. The incident highlights risks of admin key exposure and the importance of rapid response in DeFi.

Key facts

• Attacker compromised admin key, minted 1,000 eBTC (~$76.7M) on Monad
• Realized loss limited to $816K after team regained control and burned 955 eBTC
• Stolen funds routed through Curvance, Ethereum, and Tornado Cash
• Monad network unaffected, liquidity depth prevented full exploitation

KeyAudit data perspective