Echo Protocol Loses $77M After Admin Key Breach

Echo Protocol confirmed Tuesday that an administrative private key was compromised, enabling an attacker to mint roughly 1,000 eBTC on the Monad blockchain, worth about $77 million. The protocol suspended all cross‑chain transactions while it investigates.

Blockchain security firm PeckShield and analytics platform Lookonchain reported the unauthorized minting and tracked subsequent movements of the tokens.

On‑chain data shows the attacker deposited about 45 eBTC into DeFi lending and liquidity manager Curvance as collateral and borrowed 11.3 wrapped Bitcoin (wBTC) against it. The wBTC were bridged to Ethereum, swapped for Ether, and 384 ETH was routed to a Tornado Cash mixer. DeBank data indicates the attacker still holds roughly 955 eBTC, about $73 million.

Developers and on‑chain investigators attributed the breach to an operational failure involving an admin private key, not a smart contract bug. One developer noted the eBTC contract behaved as designed and pointed to several governance and control weaknesses: a single‑signature admin role, no timelock, no minting supply cap or rate limit, and no supply sanity check applied by Curvance to newly minted collateral.

Curvance detected an anomaly in its Echo eBTC market, confirmed its own contracts were not compromised, and paused the affected market for review. Monad co‑founder Keone Hon posted that the Monad network itself is not affected and is operating normally.

The incident is among several high‑value DeFi security incidents this year. Recent breaches have included large losses at other protocols and drains of cross‑chain bridges, reflecting recurring risks around key management and bridge controls.

Echo Protocol posted a statement saying, “All cross‑chain transactions remain suspended while the investigation is underway,” and said it will provide updates through its official channels as it continues the inquiry and coordinates responses.