Echo Protocol Hacked for $77 Million in Unauthorized eBTC Minting Attack on Monad Blockchain

Echo Protocol, a Bitcoin-focused DeFi platform, has suffered a $77 million exploit after an attacker used a compromised admin key to mint approximately 1,000 unauthorized eBTC tokens on the Monad blockchain — the latest in a string of high-profile DeFi hacks that have drained hundreds of millions from decentralized protocols in recent weeks.How the attack unfoldedThe exploit was first flagged by blockchain security firm PeckShield on Tuesday. The attacker gained control of a compromised admin key and used it to mint roughly 1,000 eBTC tokens worth approximately $77 million without authorization. The attacker then used a portion of the minted tokens as collateral to borrow $3.45 million in wrapped Bitcoin against funds held in the money market and reward layer at Curvance. The borrowed funds were subsequently laundered through Tornado Cash, the crypto mixing protocol commonly used to obscure on-chain transaction trails.Echo Protocol's responseEcho Protocol confirmed it had regained control of the compromised admin keys and burned the remaining 955 eBTC that the attacker still held at the time of recovery — limiting the realized loss relative to the full minted amount."We have paused cross-chain functionality for the Monad deployment and completed an upgrade of the relevant Monad contract to restrict affected operations and strengthen control over sensitive functions," the protocol said on X.As a precautionary measure, Echo Protocol also fully paused its Aptos bridge operations pending a broader security review, despite confirming the Aptos bridge itself was not directly affected by the exploit. The platform's primary deployment remains on the Aptos network, with the Monad expansion having been a more recent addition.What Echo Protocol doesEcho Protocol gives users liquidity and yield on Bitcoin holdings through synthetic representations of BTC — primarily eBTC — allowing holders to access DeFi yields without selling their underlying Bitcoin exposure. The platform launched on Aptos before expanding to additional chains including Monad, where the exploit occurred.Part of a broader DeFi security crisisThe Echo Protocol hack is the latest in an escalating series of DeFi exploits that have targeted decentralized protocols in recent weeks. Drift Protocol was drained for more than $270 million earlier this year in an attack that exploited a Solana convenience feature. KelpDAO suffered the largest single crypto exploit of 2026 at $292 million, leaving wrapped Ether stranded across 20 chains. A separate crypto bridge hack claimed $11 million just this week.Together, the string of attacks underscores the persistent vulnerability of admin key management and cross-chain bridge infrastructure in DeFi — two attack surfaces that have accounted for a disproportionate share of crypto's largest losses in 2026.