Echo Protocol Hacked! Attacker Minted 1,000 eBTC; Cosine: Yet Another Dumbass Admin Single-Point Private Key Compromise

📄Full Article· Automatically extracted by trafilaturaGemini 翻譯1527 words

Monad-based DeFi protocol Echo Protocol suffered a hacker attack, with the attacker suspected of using the Admin private key to directly mint 1,000 eBTC (approximately $76.7 million). Ultimately, about 384 ETH (approximately $820,000) flowed into the mixer Tornado Cash. (Background: Wintermute was hacked and lost $160 million — how did the well-known market maker's private key get leaked?) (Context: Bybit fires back: the hack was caused by a Safe wallet vulnerability, Safe admits developer device was compromised, will they compensate for losses?) Monad-based DeFi protocol Echo Protocol suffered a major hacker attack, with the attacker suspected of using the Admin private key to directly mint 1,000 eBTC (approximately $76.7 million), and through multi-layered cross-chain operations, ultimately sent about 384 ETH (approximately $820,000) into the mixer Tornado Cash. Breakdown of the attack steps: minting, collateralizing, cross-chain, money laundering PeckShieldAlert on-chain monitoring shows that after the attacker obtained the Admin private key, they directly triggered the minting function, producing 1,000 eBTC out of thin air (Echo Protocol's BTC-pegged token, with a total value of approximately $76.7 million). The attacker then executed a pre-tested fund transfer process: - Deposited 45 eBTC (approximately $3.45 million) into the DeFi lending protocol Curvance as collateral - Borrowed approximately 11.29 WBTC (approximately $868,000) against it - Bridged the WBTC cross-chain to the Ethereum mainnet - Swapped the WBTC for ETH on Ethereum - Ultimately sent 384 ETH (approximately $820,000) into the Tornado Cash mixer The attack process is clear and tightly interlocked, with the "pre-tested process" detail being particularly striking, indicating that the attacker had fully rehearsed the entire fund escape route before officially striking. #PeckShieldAlert @dcfgod reports that @EchoProtocol_ was hacked on @monad The hacker minted 1k $eBTC ($76.7M) &, utilizing the tested flow, deposited 45 $eBTC ($3.45M) into Curvance. They then borrowed ~11.29 $WBTC ($867.7K) against it, bridged the $WBTC to #Ethereum, swapped… https://t.co/DjgI0v85Rw pic.twitter.com/wNnA77UDuI — PeckShieldAlert (@PeckShieldAlert) May 18, 2026 Cos: Admin single-point private key compromised, not a contract vulnerability SlowMist founder Cos earlier pointed out on X that Echo Protocol's hack this time is suspected to be rooted in the compromise of the Admin single-point private key, rather than a code vulnerability in the smart contract itself. This assessment directly points to a long-standing centralized security blind spot in DeFi protocols: if minting permissions are centrally controlled by a single private key, once that private key is leaked or stolen, the attacker effectively obtains unlimited minting authority, and the entire collateral mechanism becomes worthless. Such "Admin Key attacks" are common in the DeFi ecosystem, but some development teams often delay importing Multisig or timelock mechanisms under the pretext of "ease of operational management." Yet another smart contract protocol theft incident caused by a stupid admin single-point private key being compromised…🤦🏻‍♂️ Hopeless https://t.co/MVER0O9VGf — Cos(余弦)😶‍🌫️ (@evilcos) May 19, 2026 As of publication, Echo Protocol has not yet released an official announcement, and both the current status of the protocol and the compensation plan for affected users remain unknown.

Data Status✓ Full text extractedRead Original (動區 BlockTempo)

🔍Historical Similar Events· Keyword + Asset Matching6 items

2026-05-19

Echo Protocol's eBTC exploited for $77M in admin key compromise

Similarity 230%關鍵字 echo/admin/ebtc

2026-05-19

Echo Protocol Pauses Monad Bridge After Admin Key Breach Sparks $816K Loss

Similarity 180%關鍵字 echo/admin/protocol

2026-05-19

Echo Protocol suffers $76 million exploit in eBTC minting attack on Monad

Similarity 180%關鍵字 echo/ebtc/protocol

2026-05-25