Echo Protocol, a decentralised finance (DeFi) protocol deployed on the Monad blockchain, was hacked after an attacker managed to mint around 1,000 unauthorised eBTC on the protocol. Blockchain analytics platform Lookonchain and security firm PeckShield both reported the exploit on Tuesday, observing that the hacker minted these eBTC worth around $76.7 million (roughly Rs. 741 crore). The attacker attempted to launder a part of this loot by depositing 45 eBTC worth around $3.45 million (roughly Rs. 33.3 crore) into DeFi lending and liquidity management protocol, Curvance.
Security Firms Say Exploit Stemmed From Admin Key Compromise, Not Smart Contract Bug
After the initial attack, the attacker borrowed another 11.3 wrapped Bitcoin (eBTC) worth $868,000 (roughly Rs. 8.3 crore) against it, bridged the said tokens to Ethereum, swapped them for ETH, and sent 384 ETH worth about $822,000 (roughly Rs. 7.9 crore) to the Tornado Cash mixing service. However, the team later stated that it had regained control of the admin key and burned 955 eBTC held by the attacker. This latest exploit adds to the growing list of protocols compromised by fraudulent actors, including THORchain, Verus Protocol’s Ethereum bridge, Transit Finance, TrustedVolumes, and Ekubo.
Earlier today, Echo Protocol identified unauthorized activity involving eBTC on Monad that resulted in unauthorized minting and associated fund loss.
Our investigation indicates the issue originated from a compromised admin key affecting the Monad deployment. Based on current…
— Echo Protocol (@EchoProtocol_) May 19, 2026
In a post on X, blockchain developer “Marioo” reported that it was not a smart contract bug, but an admin key compromise, and the root cause of the exploit was operational and not technical. The company said that the eBTC contract was working as per the design, and added that the vulnerabilities included a single signature for the admin role, no timelock, no minting supply cap or rate limit, and no “supply sanity check” by Curvance for the freshly minted collateral.
Curvance, too, shared a statement on the issue. “At this time, there is no indication of any compromise with Curvance’s smart contracts,” the platform said on X. “Due to Curvance’s fully isolated market architecture, no other markets are impacted. Out of an abundance of caution, the affected market has been paused while our team actively investigates the situation alongside ecosystem partners.”
Meanwhile, Echo Protocol said it would share more updates as the investigation progressed.
This is not the first protocol to deal with an exploit in this week; Verus Protocol’s Ethereum bridge was reportedly exploited on Monday when a hacker was able to fraudulently transfer out at least $11.5 million (roughly Rs. 110 crore) in cryptocurrency through a fake cross-chain transfer message. Another protocol exposed due to bad actors was THORchain, when the decentralised liquidity protocol paused all trading operations. The halt came after a blockchain investigator flagged a suspected exploit of more than $10 million (roughly Rs. 96.5 crore) that likely left the protocol exposed across Bitcoin, Ethereum, BNB Chain, and Base.
Cryptocurrency is an unregulated digital currency, not a legal tender and subject to market risks. The information provided in the article is not intended to be and does not constitute financial advice, trading advice or any other advice or recommendation of any sort offered or endorsed by NDTV. NDTV shall not be responsible for any loss arising from any investment based on any perceived recommendation, forecast or any other information contained in the article.
