Echo Protocol is investigating a safety incident involving its bridge on Monad after crypto on-chain analysts mentioned an attacker minted 1,000 eBTC and used a part of the place to extract WBTC liquidity by means of Curvance.
The primary public alarm got here from on-chain analyst DCF GOD, who wrote that Echo “could also be hacked on Monad.” He added: “Somebody minted 1k ebtc out of nowhere, max borrowed wbtc towards it on Curvance, bridged, and twister away.” A follow-up put up pointed to a Monad transaction displaying a 1,000 eBTC switch on Might 18 at 21:21:32 UTC.
$76M Crypto Mint Sparks Alarm
Lookonchain later mapped the reported sequence in additional element. In accordance with the account, the attacker minted 1,000 eBTC, valued at about $76.64 million, deposited 45 eBTC value roughly $3.45 million into Curvance, borrowed 11.3 WBTC value about $867,000, bridged the WBTC to Ethereum, swapped it for 385 ETH value about $821,000, and deposited the ETH into Twister Money. Lookonchain mentioned the attacker nonetheless held 955 eBTC, valued at about $73.2 million.
Phylax Techniques founder and CEO Odysseas Lamtzidis mentioned the transaction path pointed away from a Curvance lending flaw and towards a role-management compromise on the eBTC facet. “Monad eBTC/Curvance hint: not a Curvance lending bug,” he wrote. “The eBTC admin granted DEFAULT_ADMIN_ROLE to 0x6A0109, who revoked admin, self-granted MINTER_ROLE, minted 1,000 eBTC, posted 45 eBTC as collateral, and borrowed ~11.296 WBTC.” Lamtzidis mentioned the sample “seems like admin-key/function compromise,” citing key transactions for the admin grant, mint and borrow.
Echo confirmed the incident with out publishing a root-cause evaluation. “We’re at the moment investigating a safety incident impacting the Echo bridge on Monad. All cross-chain transactions stay suspended whereas the investigation is underway. We’ll proceed to offer well timed updates by means of our official channels as extra info turns into obtainable.” The suspension makes the bridge the speedy operational focus, not merely the lending market that processed the collateral.
Curvance’s publicity seems to have come by means of the affected Echo eBTC market. Curvance paused that market whereas the groups investigated, and cited Curvance as saying there was no indication its good contracts had been compromised and that its isolated-market structure meant different markets weren’t affected. Additionally, Monad’s community itself was not affected.
Monad CEO Keone Hon wrote by way of X: “To make clear, the Monad community will not be affected and is working usually. Safety researchers of their overview have decided that ~$816,000 seems to have been stolen because of this exploit of Echo Protocol’s eBTC.
The incident illustrates a well-known bridge-to-lending failure sample. As soon as a bridged or artificial asset is handled as legitimate collateral, even a partial conversion path can flip a supply-side failure into actual liquidity loss. On this case, the eBTC mint was used to borrow WBTC, transfer it off Monad, convert it into ETH, and route the funds by means of a mixer earlier than the broader notional place was totally monetized.
Echo’s subsequent replace might want to reply a number of market-facing questions: whether or not the unauthorized eBTC has been neutralized, whether or not Curvance faces dangerous debt from the WBTC borrow, which bridge permissions or contracts had been concerned, and when cross-chain transactions can safely resume. Till then, the eBTC market on Monad stays the important thing strain level for customers attempting to evaluate whether or not the incident was contained or merely slowed.
The Echo exploit additionally lands throughout a tough stretch for crypto infrastructure. On Might 15, THORChain has misplaced greater than $10 million throughout Bitcoin, Ethereum, BNB Chain and Base, together with 36.75 BTC and roughly $7 million in different belongings. Days later, the Verus-Ethereum Bridge was drained for about $11.5 million, with studies saying the attacker took 103.6 tBTC, 1,625 ETH and 147,000 USDC earlier than consolidating the haul into roughly 5,402 ETH. Echo now offers markets one other reminder that bridge design, collateral acceptance and liquidity routing stay considered one of DeFi’s most uncovered assault surfaces.
[UPDATE from X:] Echo Protocol confirmed: “Earlier right this moment, Echo Protocol recognized unauthorized exercise involving eBTC on Monad that resulted in unauthorized minting and related fund loss. Our investigation signifies the problem originated from a compromised admin key affecting the Monad deployment. Primarily based on present findings, roughly $816K was impacted on Monad. The Monad community itself was not impacted and continues to function usually.
Since detecting the incident, now we have been actively investigating potential cross-chain publicity, coordinating with ecosystem companions, and implementing further precautionary measures. We’ve efficiently regained management of our admin keys and burnt the remaining 955 eBTC that was within the attacker’s possession.”
At press time, the overall crypto market cap stood at $2.54 trillion.
Featured picture created with DALL.E, chart from TradingView.com
Editorial Course of for bitcoinist is centered on delivering totally researched, correct, and unbiased content material. We uphold strict sourcing requirements, and every web page undergoes diligent overview by our workforce of prime expertise specialists and seasoned editors. This course of ensures the integrity, relevance, and worth of our content material for our readers.
