Echo Protocol hit by $76.7M eBTC exploit, funds laundered
6.6 Security Echo Protocol on Monad was exploited for 1,000 eBTC ($76.7M). The attacker laundered funds via Curvance and Tornado Cash. Actual losses are $816,000–$867,000. Investigations continue.
Echo Protocol, built on the Monad blockchain, suffered a significant security breach on May 19, 2026. The attacker exploited a vulnerability to mint 1,000 eBTC tokens, with a notional value of $76.7 million. The attacker used 45 eBTC as collateral on Curvance to borrow 11.3 WBTC, which was bridged to Ethereum and swapped for ETH. About 384 ETH (roughly $821,700) was sent to Tornado Cash for laundering. Despite the large minted amount, actual extracted funds are estimated at $816,000–$867,000, as market depth limited further liquidation. Echo Protocol and Curvance have suspended affected markets and cross-chain transactions while investigations continue. Monad’s network was not compromised; the exploit was limited to application-level vulnerabilities. Most of the minted eBTC remains in the attacker’s wallet.
