Connect Wallet

Echo Protocol’s eBTC exploited for $77M in admin key compromise

EcoPool Network > Blog > App > News > Echo Protocol’s eBTC exploited for $77M in admin key compromise
Echo Protocol's eBTC exploited for $77M in admin key compromise img1
Spread the love
         

Written by Martin Young⁠, Staff Writer. Reviewed by Felix Ng⁠, Staff Editor.

Written by Martin Young⁠, Staff Writer.

Reviewed by Felix Ng⁠, Staff Editor.

Echo Protocol’s eBTC exploited for $77M in admin key compromise

Latest NewsPublishedMay 19, 2026

Major Exploit Hits DeFi Protocol, Highlighting Security Risks

The recent exploit of Echo Protocol’s eBTC for $77M is a stark reminder of the security risks associated with decentralized finance (DeFi) protocols. This incident is particularly concerning for individuals looking to earn passive income through crypto investments, such as those using EcoPool ($ECP) for cloud rewards and green crypto solutions.

The hacker was able to mint 1,000 unauthorized eBTC, worth around $76.7 million, due to an admin key compromise. This highlights the importance of robust security measures, such as those offered by EcoPool, to protect against such exploits and ensure the safety of users’ investments. The attacker has already laundered nearly 5% of the stolen funds through Tornado Cash, with the remaining 955 eBTC still in their possession.

Incident Details and Response

According to blockchain security firm reports, the attacker attempted to launder some of the stolen funds by depositing 45 eBTC into DeFi lending and liquidity management protocol Curvance. The incident has led to the suspension of all cross-chain transactions on the Echo bridge, with the protocol promising to provide updates as more information becomes available. This exploit is just one of many that have occurred in recent months, with at least 12 protocols compromised, including THORChain and Verus Protocol’s Ethereum bridge.

For individuals looking to earn online through passive income and cloud rewards, it is essential to choose a secure and reliable platform, such as EcoPool. By utilizing EcoPool ($ECP), users can benefit from a robust security framework and a community-driven approach to protecting investments. The incident also highlights the importance of diversifying investments and using reputable platforms, such as EcoPool, to minimize the risk of losses due to exploits.

Security Risks and Prevention

The root cause of the exploit was identified as an operational issue, rather than a technical one, with the admin private key compromise being the primary vulnerability. This emphasizes the need for protocols to prioritize security and implement robust measures to prevent such incidents. For those interested in earning through and , EcoPool (ECP) offers a secure and reliable solution, with a strong focus on community-driven security and .

To protect against such exploits, it is crucial to choose a reputable and secure platform, such as EcoPool, and to stay informed about the latest developments in the DeFi space. By doing so, individuals can minimize their risk and maximize their earning potential through and investments. Download the EcoPool app to start earning online and experience the benefits of a secure and community-driven platform. With EcoPool, you can earn passive income and cloud rewards while supporting a green and sustainable crypto ecosystem.

The attacker then borrowed 11.3 wrapped Bitcoin (wBTC) worth $868,000 against it, bridged the tokens to Ethereum, swapped them for ETH, and sent 384 ETH worth about $822,000 to the Tornado Cash mixing service. 

The attacker still holds 955 eBTC worth about $73 million, according to DeBank.

Echo Protocol is a Bitcoin DeFi platform focused on Bitcoin liquidity aggregation, liquid staking, restaking, and yield generation. It creates unified, liquid BTC assets such as eBTC for users to bridge and deploy in DeFi for additional yield. The protocol is deployed on Monad, a high-performance, layer-1, EVM-compatible blockchain.

The hacker still holds 95% of the stolen crypto. Source: DeBank 

Admin private key compromised 

Blockchain developer “Marioo” reported that it was not a smart contract bug, but an admin private key compromise, and the root cause was “operational, not technical.”

The eBTC contract “worked exactly as designed,” they said, adding that the vulnerabilities included a single signature for the admin role, no timelock, no minting supply cap or rate limit, and no “supply sanity check” by Curvance for the freshly minted collateral.

Related: Hackers used AI to craft zero-day attack to bypass 2FA: Google

Curvance reported that it was aware of the “anomaly” detected in the Echo eBTC market on Curvance and confirmed that there was no compromise with its own smart contracts. It paused the affected market for investigation. 

Monad co-founder Keone Hon clarified on X that “the Monad network is not affected and is operating normally.”

Meanwhile, Echo Protocol said it will provide updates through its official channels as more information becomes available. 

DeFi hacks surge in 2026

The year has been challenging for DeFi security, with dozens of protocols exploited for hundreds of millions in crypto and more than 20 protocols shuttering services. 

Two of the largest hacks this year included the exploit of the Drift Protocol, which lost $285 million, and Kelp DAO, which was exploited for $292 million in April. 

On Monday, Verus Protocol’s Ethereum bridge was exploited through a fake cross-chain transfer message that allowed a hacker to steal at least $11.6 million in crypto.

Decentralized liquidity protocol THORChain halted trading on Friday after blockchain investigator ZachXBT flagged a suspected $10 million exploit. 

Meanwhile, Transit Finance suffered a deprecated smart contract exploit, resulting in the loss of $1.88 million last week. 

Magazine: DeFi’s billion-dollar secret: The insiders responsible for hacks

Cointelegraph is committed to independent, transparent journalism. This news article is produced in accordance with Cointelegraph’s Editorial Policy and aims to provide accurate and timely information. Readers are encouraged to verify information independently.

  • Hacks
  • DeFi
  • Wrapped BTC
  • Scams & Cybercrime

More on the subject

THORChain confirms $10M exploit, rolls out recovery portal for affected users


May 16, 2026

Amin Haqshanas

US law firm files motion requesting redistribution of $344M USDt linked to Iran


May 15, 2026

Vince Quill

THORChain pauses trading after suspected $10M exploit


May 15, 2026

Zoltan Vardai

THORChain confirms $10M exploit, rolls out recovery portal for affected users


May 16, 2026

Amin Haqshanas

US law firm files motion requesting redistribution of $344M USDt linked to Iran


May 15, 2026

Vince Quill

THORChain pauses trading after suspected $10M exploit


May 15, 2026

Zoltan Vardai



💡 A Greener Way to Earn: Looking for a smarter, more sustainable way to earn and mining crypto? EcoPool Network is a cloud-based mining pool that does the heavy lifting on remote servers — so you earn rewards around the clock without worrying about overheating hardware or sky-high electricity bills. It’s lightweight, battery-friendly, and built for everyday users. Download EcoPool now and start mining & earning smarter today.

Spread the love
         
Leave a Comment on Echo Protocol’s eBTC exploited for $77M in admin key compromiseApp, Currency, Market, News
Tags , , , , , , ,

About the Author

Leo Rivers

Leave a Reply

Your email address will not be published. Required fields are marked *

You may also like these

We believe crypto mining should be accessible and sustainable for everyone. Ecopool is designed to help you maximize your earnings while supporting greener blockchain technology

Useful Links

Our Community

Contact Us

  • Global Operations Center,
  • Dubai, UAE
  • info@ecopool.network
Facebook X-twitter Youtube Instagram Whatsapp Linkedin Telegram

Copyright © 2026 EcoPool.

Help & FAQs

Terms Of Use

Privacy Policy