Cross-chain liquidity bridge Echo Protocol has suffered a major security breach on the Monad network. According to official statements from the project's development team, the exploit led to the unauthorized minting of wrapped Bitcoin tokens (eBTC) and a subsequent loss of user funds.
The core Monad network itself remains completely unaffected and continues to process blocks normally, as the vulnerability was strictly isolated to Echo's smart contract deployments.
Anatomy of the exploit
Preliminary findings point to a compromised administrator key tied to the protocol's Monad deployment as the root cause. This unauthorized access granted the exploiter sweeping permissions to mint assets inside the protocol at will.
Data flagged by blockchain security firm PeckShieldAlert shows that the attacker exploited this leverage to abruptly mint 1,000 eBTC, carrying a nominal market valuation of $76.7 million.
Extracting that massive sum from the ecosystem, however, proved to be a different story.
"The hacker deposited 45 eBTC (roughly $3.45 million) as collateral into the Curvance DeFi protocol. Under this backing, they attempted to borrow Wrapped Bitcoin (WBTC), but could only squeeze 11.29 WBTC, worth about $867,700, out of the available pools," PeckShieldAlert analysts detailed.
On-chain commentator Scalis emphasized that while the bug technically allowed for an unlimited exploit, the attacker was abruptly stopped by Curvance's shallow liquidity pool limits. The exploit was simply bigger than the destination venue could absorb.
Money laundering route
After securing the 11.29 WBTC, the attacker routed the tokens across a bridge into the Ethereum mainnet, swapped them for native ETH, and funneled 384 ETH (approximately $821,700) into the privacy mixer Tornado Cash to obscure the trail. Echo Protocol has locked in the final net damage on Monad at roughly $816,000.
The startup's team has since successfully re-established control over the compromised admin infrastructure. To protect token parity and prevent market dilution, developers swiftly burned the remaining 955 eBTC left in the attacker's possession before they could be liquidated.
Echo Protocol management stressed that the breach is entirely contained to the Monad ecosystem.
"We have found zero evidence of any compromise on the Aptos blockchain. The aBTC assets on Aptos and eBTC on Monad function as completely separate, non-bridgeable instruments. Total exposure on Aptos is strictly capped at $71,000 across Hyperion liquidity pools and Echo Lending markets, with no actual capital losses detected."
Emergency security response
As an immediate safeguard, developers have fully suspended all cross-chain capabilities on Monad and deployed emergency contract upgrades to restrict sensitive administrative privileges.
Though the Aptos infrastructure remains uncompromised, the Aptos bridge has also been taken offline as a purely precautionary measure while a comprehensive audit is completed. Engineers are currently rolling out upgrades across Echo's entire line of EVM-compatible bridge frameworks to tighten minting oversight.
This post is for informational purposes only and does not constitute advertising or investment advice. Please do your own research before making any decisions.
