Crypto News: Echo Protocol Loses $76.7M in eBTC as DeFi Hacks Rise in 2026

Key Insights:

• In recent crypto news, Echo Protocol paused cross-chain transfers after an attacker minted about $76.7 million in unauthorized eBTC on Monad.
• Crypto hack news: the attacker used 45 eBTC as collateral on Curvance to borrow nearly $868,000 in wrapped Bitcoin.
• Researchers linked the Echo Protocol exploit to a compromised admin key, while Monad and Curvance denied core breaches.

Echo Protocol suspended cross-chain activity after attackers minted about 1,000 unauthorized eBTC tokens on Monad, triggering one of the latest major DeFi exploits this year.

Blockchain security firms PeckShield and Lookonchain first flagged the suspicious mint activity on Tuesday. Echo Protocol later confirmed the breach and halted bridge operations while investigators reviewed the incident.

Crypto Hack News: Attacker Uses eBTC to Borrow Real Bitcoin Assets

The exploit began with unauthorized eBTC creation on Monad, where Echo Protocol had expanded its Bitcoin liquidity and yield services. The attacker minted about 1,000 eBTC, then used part of that balance to borrow real Bitcoin-backed assets through Curvance.

On-chain investigators said the exploiter deposited 45 eBTC, worth about $3.45 million, into Curvance. The collateral allowed the attacker to borrow about 11.3 wrapped Bitcoin, valued near $868,000 at the time, before moving the assets away from Monad.

After securing the WBTC, the attacker bridged the funds to Ethereum and swapped them into ETH. PeckShield estimated that about 384 ETH, worth roughly $822,000, was later moved into Tornado Cash.

Most of the unauthorized eBTC initially remained in the attacker’s wallet. However, Echo Protocol later said it burned the remaining 955 eBTC after regaining control of the affected admin keys. That step removed the unbacked supply from circulation.

Echo Protocol Links Breach to Admin Key Control

Early reviews pointed to a compromised admin key, not a failure in Echo Protocol’s smart contract code. Blockchain developer Marioo said the eBTC contract operated as designed, but the attacker abused privileged access tied to administrative control.

The case raised fresh attention around private key management in DeFi. Researchers pointed to several weak controls, including single-signature admin access, no timelock, no minting cap, and no issuance rate limit.

Those controls matter when a token can enter lending markets as collateral. If one key can mint new supply, lenders need limits that block sudden collateral creation from turning into real borrowed assets.

Curvance paused the affected Echo eBTC market after detecting the issue. The protocol’s own smart contracts did not suffer a breach, as its isolated market structure helped contain the incident.

Monad and Aptos Bridges Face Precautionary Pauses

Monad co-founder Keone Hon said the Monad network continued to operate normally during the incident. The statement separated the chain’s base network from Echo Protocol’s affected bridge operations and eBTC contract controls.

Echo Protocol also said it paused cross-chain functionality for its Monad deployment. The team completed an upgrade to the relevant Monad contract to limit affected functions and strengthen control over sensitive operations.

Although Echo’s Aptos bridge did not face the same breach, the protocol paused Aptos bridge operations as a precaution. Echo Protocol’s main platform operates on Aptos, while its expansion brought eBTC and related Bitcoin DeFi products to Monad.

DeFi Hacks Keep Rising in 2026

The Echo Protocol exploit adds to a growing list of DeFi attacks in 2026. Several protocols have suffered losses this year, with bridges, lending markets, legacy contracts, and cross-chain tools repeatedly attracting the attention of attackers.

Recent cases include Verus Protocol’s Ethereum bridge exploit, which involved a fraudulent cross-chain transfer message and resulted in at least $11.6 million in stolen crypto. THORChain also halted trading after blockchain investigator ZachXBT flagged a suspected $10 million exploit.

Transit Finance recently disclosed a smart contract attack that resulted in nearly $1.88 million in losses. Earlier in the year, Drift Protocol and Kelp DAO each suffered attacks worth more than $200 million.

The post Crypto News: Echo Protocol Loses $76.7M in eBTC as DeFi Hacks Rise in 2026 appeared first on The Market Periodical.