Echo Protocol hit with $76M unauthorized eBTC mint on Monad

On May 19, on-chain monitoring showed that an attacker compromised an admin key on Echo Protocol’s deployment on Monad and minted 1,000 eBTC.

The unauthorized tokens were valued at approximately $76.6 million at the time of the exploit.

Funds moved through Curvance and Tornado Cash

After minting, the attacker deposited 45 eBTC into Curvance, borrowed 11.29 WBTC, and bridged assets toward Ethereum.

Part of the proceeds was later sent through Tornado Cash. Security firm PeckShield tracked the flow and confirmed the laundering path.

Protocol response and remaining exposure

Echo Protocol paused cross-chain transactions following the incident. The team later stated it regained control of the admin keys and burned a portion of the minted supply.

However, the attacker still controls approximately 955 eBTC, worth around $73 million at current prices.

Forward implications

The exploit highlights ongoing risks around admin key management in bridge and synthetic asset deployments.

With nearly $74 million in unauthorized supply still unaccounted for in attacker wallets, further movement of these tokens could create additional pressure on liquidity pools and affected markets.