Skip to content
- Echo Protocol exploit minted millions in fake eBTC across Monad infrastructure.
- Curvance paused affected lending markets following massive unauthorized bitcoin minting activity.
- Investigators traced stolen crypto funds through Ethereum before Tornado Cash transfers.
The hackers took advantage of the Echo Protocol on Monday and minted millions of unauthorized tokens that were backed by bitcoin, leading to another major security scare for the decentralized finance space. The incident quickly became household news when pseudonymous crypto commentator DCF GOD reported on his X account that “echo protocol has been seen to be engaging in suspicious activity” related to its eBTC token, followed shortly by several blockchain investigators tracing the attacker’s activity on a multitude of Monad and Ethereum-based protocols.
Onchain Lens reports that the attacker created 1000 fake eBTC tokens and then put a portion of the tokens into the lending platform Curvance. The attacker subsequently borrowed approximately 11.29 Wrapped Bitcoin (WBTC) worth around $867,700 at the time of the exploit using 45 eBTC as collateral.
Then, the exploiter took control of the borrowed assets, pulled them from Monad to Ethereum, and exchanged the WBTC for Ether (ETH). Later, blockchain tracking platforms indicated that the attacker moved around 385 ETH to Tornado Cash, suggesting a cover-up attempt. In the meantime, the majority of a stolen eBTC wallet is still held in the attacker’s wallet. Blockchain analytics firm Lookonchain calculated the exploiter still has 955 eBTC (valued at approximately $73.2 million).
The attacker may not have been able to sell out the rest of the supply, as limited liquidity across Monad’s DeFi ecosystem may be to blame, said DefiPrime founder Nick Sawinyh. He said that if the liquidation process is done aggressively, it can make the smaller decentralized exchanges on the network unstable.
Also Read: UK Regulators Push Tokenized Finance Expansion With New Industry Consultation
Curvance Freezes Echo eBTC Market
In response to more damage, Curvance acted swiftly by halting the damaged Echo eBTC lending market. The protocol, however, has made it clear that there were no other isolated markets and core smart contracts that were impacted during the event. Plus, said Monad co-founder Keone Hon, security researchers were immediately investigating the exploit. He also emphasized that the Monad blockchain itself wasn’t breached in the attack.
Later, Hon admitted that initial investigations have revealed around $816,000 was stolen via the exploit. But worries persist, as a large portion of the fake eBTC supply is still in the hands of the attacker. Echo Protocol is a Multi-chain BTCFi platform with bitcoin liquidity, lending, and yield products in both Aptos and Ethereum Virtual Machine chains.
DeFi Exploits Continue Rising
The Echo Protocol hack comes on the heels of a growing number of DeFi security hacks this month. According to DefiLlama, decentralized finance (DeFi) platforms have already endured at least 13 separate exploits in May. One of the biggest incidents was the loss of Verus’ Ethereum bridge where it lost almost $11.6 million on May 17. As a result, the issues related to synthetic asset verification systems and cross-chain liquidity infrastructure have been growing in decentralized finance markets.
The Echo Protocol attack has led to additional worries about the security of DeFi lending and the security of the synthetic bitcoin sector.The attack on Echo Protocol has exacerbated concerns over DeFi lending security and synthetic bitcoin infrastructure security. Despite Curvance’s ability to isolate the impacted market, investigators are still still keeping tabs on millions in fake eBTC still sitting within the attacker’s wallet.
Also Read: New Satoshi Theory Points to Adam Back as Bitcoin Mystery Deepens
