Futures
Access hundreds of perpetual contracts
CFD
Gold
One platform for global traditional assets
Options
Hot
Trade European-style vanilla options
Unified Account
Maximize your capital efficiency
Demo Trading
Introduction to Futures Trading
Learn the basics of futures trading
Futures Events
Join events to earn rewards
Demo Trading
Use virtual funds to practice risk-free trading
Launch
CandyDrop
Collect candies to earn airdrops
Launchpool
Quick staking, earn potential new tokens
HODLer Airdrop
Hold GT and get massive airdrops for free
Pre-IPOs
Unlock full access to global stock IPOs
Alpha Points
Trade on-chain assets and earn airdrops
Futures Points
Earn futures points and claim airdrop rewards
Promotions
AI
Gate AI
Your all-in-one conversational AI partner
Gate AI Bot
Use Gate AI directly in your social App
GateClaw
Gate Blue Lobster, ready to go
Gate for AI Agent
AI infrastructure, Gate MCP, Skills, and CLI
Gate Skills Hub
10K+ Skills
From office tasks to trading, the all-in-one skill hub makes AI even more useful.
GateRouter
Smartly choose from 40+ AI models, with 0% extra fees
How did an attacker mint 1,000 unauthorised eBTC on Echo Protocol?
According to blockchain security firm PeckShield and on-chain analytics platform Lookonchain, the attacker created around $76.7 million worth of synthetic Bitcoin tokens before attempting to extract value through decentralised lending markets.
Echo Protocol later confirmed that it was investigating “a security incident impacting the Echo bridge on Monad,” while also stating that all cross-chain transactions had been suspended during the investigation.
Monad co-founder Keone Hon has clarified on X that the Monad network itself was operating normally and had not been compromised.
Security researchers and blockchain developers later narrowed the incident down to what developer “Marioo” described as an operational failure tied to compromised admin credentials rather than a flaw in the smart contract code itself
According to the developer, the eBTC contract functioned as intended, but weak access control measures allowed the attacker to take over administrative permissions.
## How the exploit unfolded
On-chain investigators said the attacker first assigned themselves the DEFAULT_ADMIN_ROLE on Echo’s eBTC contract before granting their wallet the MINTER_ROLE, which enabled the creation of new tokens without backing
After securing minting privileges, the attacker reportedly removed their own admin permissions to avoid retaining a visible administrative role on-chain.
With those controls in place, the exploiter minted 1,000 eBTC tokens worth approximately $77 million on paper
Limited liquidity across the Monad ecosystem, however, prevented the attacker from converting most of the assets directly through decentralised exchanges.
Instead, data shared by Onchain Lens and Lookonchain showed the attacker deposited 45 eBTC, valued at roughly $3.5 million, into DeFi lending protocol Curvance as collateral
Against those deposits, the attacker borrowed approximately 11.29 wrapped Bitcoin (WBTC) worth about $867,700.
After bridging the borrowed WBTC to Ethereum, the exploiter swapped the assets into ETH and transferred roughly 384 to 385 ETH into crypto mixer Tornado Cash, according to multiple on-chain tracking accounts.
Lookonchain and DeBank data indicated that the attacker still controls 955 eBTC worth around $73 million, though DefiPrime founder Nick Sawinyh said in a post that the remaining tokens were effectively unusable because Monad’s DeFi liquidity depth could not absorb the fake supply.
Marioo also pointed to several security weaknesses that amplified the attack’s impact, including the use of a single-signature admin role, the absence of a timelock mechanism, no minting cap or rate limiter, and a lack of collateral sanity checks on Curvance for newly minted eBTC.
## Protocols move to contain damage
As the exploit unfolded, Curvance said it detected an “anomaly” in the Echo eBTC market and paused the affected lending market while investigations continued
The protocol stated there was no indication that its own smart contracts had been breached, adding that its isolated market architecture prevented spillover into other lending pools.
According to Hon, security researchers estimated realised losses at roughly $816,000, substantially below the paper value of the unauthorised mint because most of the fake eBTC supply could not be liquidated.
Echo Protocol, which focuses on Bitcoin liquidity aggregation, liquid staking, restaking, and yield generation across multiple chains, has yet to disclose how the admin credentials were compromised
The protocol said further updates would be shared through official channels as the investigation progresses.
The incident has added to a growing list of DeFi exploits recorded since the start of the year.
As previously reported by Invezz, KelpDAO bridge infrastructure was compromised in an advanced RPC poisoning and distributed denial-of-service (DDoS) attack that resulted in a massive $292 million exploit.
The post How did an attacker mint 1,000 unauthorised eBTC on Echo Protocol? appeared first on Invezz