Echo Protocol Bridge Exploited on Monad; 1,000 eBTC Minted

Echo Protocol’s bridge on the Monad network was exploited after an attacker minted 1,000 eBTC, triggering Curvance to pause its affected eBTC market and Echo Protocol to suspend all cross-chain transactions. The incident raised the running total of reported crypto hacks in May to 14.

On-chain analyst dcfgod first flagged the activity and blockchain security firm PeckShield traced the movement of funds. The minted 1,000 eBTC was valued at roughly $76.64 million at current rates. On-chain traces show the exploiter deposited 45 eBTC, worth about $3.45 million, into Curvance, borrowed 11.29 wrapped Bitcoin (WBTC), bridged the assets to Ethereum, swapped them for ether, and sent 384 ETH to the privacy service Tornado Cash.

Curvance posted an update on X noting the anomaly was detected at approximately 6:00 PM EST and that the affected eBTC market had been paused. The platform added there was “no indication of any compromise with Curvance’s smart contracts” and that its isolated market architecture prevented other markets from being impacted. Curvance said its team was investigating the incident with ecosystem partners.

Echo Protocol confirmed a security incident affecting its bridge on Monad and reported that all cross-chain transactions are suspended while the team investigates. Echo wrote that it will provide further updates through official channels as more information becomes available.

Monad’s CEO Keone Hon wrote on X that the Monad network itself was not affected. He cited an estimate from security researchers that around $816,000 appears to have been removed from the system as a result of the exploit, distinguishing that figure from the total amount of eBTC minted.

The Echo incident followed two other major decentralized finance breaches within five days. THORChain disclosed a vault breach on May 15 that drained more than $10 million. Security researchers later identified an exploit of a Verus-Ethereum bridge that resulted in roughly $11.58 million in losses.

Security teams and on-chain analysts continue to follow transaction flows and coordinate with the affected platforms. Curvance reiterated that investigation work is ongoing and that its market isolation limits exposure to other markets. Echo Protocol and Monad have pledged to share timely updates as they learn more.

Bridges and wrapped-asset markets move tokens between blockchains and often rely on complex contract logic and external price data. Investigators examining such incidents typically look for minting or accounting anomalies, flash-loan style manipulations, and vulnerabilities in bridge logic. At this stage, public information is limited to on-chain traces and official statements from the projects and researchers involved.