Echo Protocol Exploit Leaves Millions in Fake eBTC Sitting on Attacker Wallet

• Echo attacker minted fake eBTC before draining wrapped bitcoin liquidity assets.
• Curvance paused affected markets while Monad investigators reviewed exploit activity details.
• DeFi security concerns intensified as multiple protocols suffered major exploits recently.

Bitcoin-focused DeFi platform Echo Protocol suffered a major exploit Monday after attackers minted unauthorized eBTC tokens and used part of the supply to drain wrapped bitcoin liquidity from Curvance. According to Onchain Lens, the exploiter minted 1,000 eBTC before depositing part of the tokens into Curvance as collateral. The attacker later used those positions to borrow millions in bitcoin-backed liquidity across the ecosystem.

The attacker supplied 45 eBTC to Curvance and borrowed around 11.29 Wrapped Bitcoin (WBTC), valued near $867,700 during the exploit. Shortly afterward, the funds moved from Monad to Ethereum, where the exploiter swapped the bitcoin-backed assets into Ether (ETH). Onchain tracking platforms later showed the attacker transferred roughly 385 ETH into Tornado Cash. Meanwhile, blockchain analytics platform Lookonchain reported that the exploiter still controls 955 eBTC worth approximately $73.2 million.

DefiPrime founder Nick Sawinyh explained that most of the unauthorized supply remains untouched because Monad’s decentralized finance liquidity remains too limited for large exits. He also noted that aggressive selling activity could overwhelm existing liquidity pools across smaller decentralized exchanges connected to the ecosystem.

Also Read: Crypto Market Maintains Momentum as Bitcoin (BTC) Holds Above $77,000 Support

Curvance and Monad Respond to the Attack

Curvance reacted quickly by pausing the affected Echo eBTC market while keeping other isolated lending markets operational. The protocol stated that investigators found no indication of compromise within Curvance’s core smart contract infrastructure.

Additionally, Monad co-founder Keone Hon confirmed that security researchers immediately started reviewing the exploit. He also clarified that the Monad network itself did not suffer direct damage during the incident. According to Hon, preliminary findings suggested the attacker extracted nearly $816,000 through the exploit.

However, analysts continue monitoring the remaining fake eBTC supply because the exploiter still holds most of the minted assets. Echo Protocol operates as a multi-chain BTCFi platform focused on bitcoin liquidity, lending, and yield generation products across Aptos and emerging Ethereum Virtual Machine ecosystems.

DeFi Security Concerns Continue Growing

The Echo exploit added to a growing list of decentralized finance security incidents recorded this month. Data from DefiLlama showed that DeFi platforms already suffered at least 13 separate exploits during May. One of the largest incidents involved Verus’ Ethereum bridge, which lost nearly $11.6 million on May 17.

Consequently, concerns surrounding collateral verification systems and cross-chain liquidity infrastructure continue increasing across the DeFi sector. Moreover, market participants remain focused on the attacker’s inactive wallet because liquidation attempts involving the remaining eBTC supply could create additional pressure across smaller DeFi ecosystems with limited liquidity depth.

The Echo Protocol exploit has raised new concerns surrounding DeFi lending security and synthetic bitcoin infrastructure. Although Curvance isolated the affected market, investigators continue tracking millions in unauthorized eBTC that remain under the attacker’s control.

Also Read:  Elon Musk’s SpaceX Holds $637M Bitcoin Ahead of Massive Nasdaq IPO

The post Echo Protocol Exploit Leaves Millions in Fake eBTC Sitting on Attacker Wallet appeared first on 36Crypto.