Echo Protocol suffered an exploit on its Monad blockchain deployment, where an attacker used a compromised admin key to mint 1,000 unauthorized eBTC worth approximately $77 million. The hacker then deposited 45 eBTC into Curvance, borrowed 11.29 WBTC ($867,700), bridged to Ethereum, swapped for ETH, and laundered 384 ETH (~$821,700) through Tornado Cash. Echo confirmed the breach, estimating losses at roughly $816,000, and noted the Monad network itself was unaffected. The team regained control of admin keys and burned the remaining 955 eBTC. The incident highlights the vulnerability of cross-chain protocols to compromised admin keys, echoing a trend of attacks on DeFi infrastructure. Echo has paused cross-chain functions on Monad and upgraded contracts, while the Aptos bridge and lending are suspended as a precaution. Misha Putiatin, co-founder of Symbiotic and Statemind, warned that increasing reliance on off-chain components will lead to more such attacks, shifting security focus toward key management and operational infrastructure.

Key facts

• Attacker minted 1,000 eBTC ($76.7M) via compromised admin key on Monad deployment.
• Borrowed 11.29 WBTC ($867,700) against deposited eBTC, bridged to Ethereum.
• Laundered 384 ETH (~$821,700) through Tornado Cash; total loss ~$816,000.
• Echo regained admin keys, burned remaining 955 eBTC; Monad network unaffected.
• Incident highlights DeFi risk from centralized key management and off-chain components.

KeyAudit data perspective