Bitcoin-focused DeFi protocol Echo suffered an exploit on Monday, with the attack first flagged by pseudonymous crypto influencer DCF GOD on X at around 5:55 p.m. ET. According to onchain analytics, the attacker minted 1,000 eBTC — Echo Protocol’s bitcoin liquidity token issued on Monad — and deposited 45 eBTC to DeFi lending protocol Curvance as collateral. The exploit represents the latest in a wave of DeFi security breaches affecting the sector this year. Monad Co-founder Keone Hon confirmed that security researchers determined approximately $816,000 was stolen as a result of the exploit, while assuring that the Monad network itself was not affected.
Exploit Details
According to onchain analytics platform Onchain Lens, the attacker used the deposited collateral to borrow around 11.29 WBTC, worth roughly $867,700 at the time of the exploit. The exploiter then bridged the WBTC to Ethereum and swapped the tokens into ETH. The 385 ETH was subsequently moved to the crypto mixer Tornado Cash.
The attacker currently holds 955 eBTC, valued at $73.2 million, according to onchain tracking data from Lookonchain. DefiPrime Founder Nick Sawinyh noted that “the other 99% of the fake supply is parked on the attacker’s wallet, because Monad’s lending and DEX depth can’t absorb more.”
Official Response
Modan acknowledged the exploit through Co-founder Keone Hon, who stated that security researchers are currently investigating the incident. Hon confirmed that the network itself remains unaffected.
Curvance, the lending protocol through which collateral was deposited, reported that its fully isolated market architecture shielded other markets from being affected. Curvance stated there is no indication of any compromise with its smart contracts. The protocol paused the affected Echo eBTC market as a precautionary measure.
Echo Protocol is a multi-chain BTCFi protocol that launched as a bitcoin liquidity and yield platform with a significant presence on Aptos.
Broader DeFi Security Context
The Echo exploit occurred amid a broader wave of DeFi security incidents. According to DefiLlama, there had been 13 security breaches on DeFi protocols in the month prior to the Echo incident, including an $11.6 million exploit on Verus’ Ethereum bridge that occurred on May 17.
Disclaimer: The information on this page may come from third-party sources and is for reference only. It does not represent the views or opinions of Gate and does not constitute any financial, investment, or legal advice. Virtual asset trading involves high risk. Please do not rely solely on the information on this page when making decisions. For details, see the
Disclaimer.
