Stolen Echo admin key minted 1,000 eBTC; $816K cashed out

On May 18 an attacker used a stolen Echo Protocol admin key on Monad to mint 1,000 eBTC (notional $76.7M); they borrowed against 45 eBTC on Curvance and extracted about $816,000.

On May 18 an attacker with a stolen Echo Protocol admin key on the Monad network minted 1,000 eBTC, a notional value of about $76.7 million. The attacker deposited 45 eBTC as collateral on Curvance, borrowed roughly 11.29 WBTC, bridged the WBTC to Ethereum, swapped it for about 384 ETH and routed the funds through Tornado Cash. The final cashout was approximately $816,000.

The incident did not involve a flaw in Echo’s smart contract code. The attacker gained control of the wallet holding the DEFAULT_ADMIN_ROLE, granted themselves the MINTER_ROLE and minted tokens that had no Bitcoin backing. Echo’s eBTC deployment on Monad is separate from its Aptos aBTC deployment; only the Monad deployment was affected. Keone, a Monad co-founder, confirmed the network “ran normally throughout.”

Curvance confirmed its contracts were not breached and paused the eBTC market, noting its isolated market design kept the fake collateral from affecting other assets. Echo reclaimed admin control, burned 955 of the minted eBTC and paused cross-chain functions on Monad.

The token contract used industry-standard role-based access control. Operationally, the DEFAULT_ADMIN_ROLE resided on a single externally owned account without multisig, timelocks, mint caps or rate limits. With control of that key, the attacker could mint tokens immediately and revoke roles to obscure on-chain traces. Curvance’s lending market accepted freshly minted eBTC as collateral because the system did not verify the tokens’ provenance.
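An added example, not Echo's or Curvance's code: a monitor over decoded token events that flags the sequence described above (a new MINTER_ROLE grant, an immediate mint, a quick revoke) and checks a rolling mint cap. The event shape, thresholds, addresses and timestamps are assumptions constructed for illustration.

```python
from dataclasses import dataclass

# Policy values assumed for illustration; none of them come from the article.
GRANT_DELAY_S = 48 * 3600   # a new minter should not be able to mint sooner than this
WINDOW_S = 24 * 3600        # rolling window for the mint cap
MINT_CAP = 50               # whole tokens allowed per window

@dataclass
class Event:
    ts: int            # block timestamp in seconds
    kind: str          # "RoleGranted", "RoleRevoked" or "Mint" (assumed decoded form)
    account: str       # role recipient, or the minting account
    role: str = ""     # decoded role name (role events only)
    amount: int = 0    # whole tokens (Mint only)

def audit(events):
    """Scan a time-ordered, decoded event stream; return (ts, rule, account) alerts."""
    alerts, granted_at, recent = [], {}, []
    for e in events:
        if e.kind == "RoleGranted" and e.role == "MINTER_ROLE":
            granted_at[e.account] = e.ts
            alerts.append((e.ts, "minter-role-granted", e.account))
        elif e.kind == "RoleRevoked" and e.role == "MINTER_ROLE":
            start = granted_at.pop(e.account, None)
            if start is not None and e.ts - start < GRANT_DELAY_S:
                alerts.append((e.ts, "short-lived-minter", e.account))
        elif e.kind == "Mint":
            start = granted_at.get(e.account)
            if start is None:
                alerts.append((e.ts, "mint-by-unknown-minter", e.account))
            elif e.ts - start < GRANT_DELAY_S:
                alerts.append((e.ts, "mint-inside-grant-delay", e.account))
            recent = [(t, a) for t, a in recent if e.ts - t < WINDOW_S]
            recent.append((e.ts, e.amount))
            if sum(a for _, a in recent) > MINT_CAP:
                alerts.append((e.ts, "mint-cap-exceeded", e.account))
    return alerts

# Constructed sample stream (addresses and timestamps are made up).
T0 = 1_000_000
SAMPLE = [
    Event(0, "RoleGranted", "0xBridgeMinter", role="MINTER_ROLE"),
    Event(T0 - 3600, "Mint", "0xBridgeMinter", amount=2),
    Event(T0, "RoleGranted", "0xNewAccount", role="MINTER_ROLE"),
    Event(T0 + 60, "Mint", "0xNewAccount", amount=1000),
    Event(T0 + 120, "RoleRevoked", "0xNewAccount", role="MINTER_ROLE"),
]
if __name__ == "__main__":
    print(*audit(SAMPLE), sep="\n")
```

The same thresholds enforced on-chain (a delay on role grants and a per-window mint cap) would block the mint rather than only alert on it.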

Echo issued a contract update to restrict certain operations on Monad and paused its Aptos bridge and lending as a precaution. Curvance is assessing risk while its eBTC market remains halted.

DeFi losses exceeded $1 billion in the first four months of 2026, with April alone accounting for about $634 million. Two large April incidents removed roughly $577 million combined. Major loss categories so far include bridge verification exploits, compromised admin keys, spoof tokens and private key compromises. In a post-incident analysis, Ondo Finance wrote, “there is no single class of vulnerability to defend against.”

The gap between the $76.7 million notional mint and the $816,000 cashout resulted from limited liquidity on Monad and the borrowing limits available on Curvance, which capped the attacker’s extractable value.
