News linked to both this project and an event.
Odaily Echo Protocol posted on X platform, confirming a security incident on the Monad cross-chain bridge. An investigation is currently underway, and all cross-chain transaction functions have been suspended. The protocol stated that it will continue to provide updates through official channels once the investigation progresses.
Odaily Odaily News Monad co-founder Keone Hon posted on the X platform, stating that the team has noted a security incident related to eBTC on EchoProtocol. Security researchers are currently investigating the matter. The Monad network itself has not been affected and is operating normally.Additionally, a preliminary review by security researchers determined that this exploit targeting EchoProtocol's eBTC has resulted in the theft of approximately $816,000 in assets.
According to on-chain analyst PeckShield (@PeckShieldAlert), Echo Protocol was hacked on Monad. The attacker minted 1,000 $eBTC out of thin air (valued at approximately $76.7 million), then deposited 45 $eBTC (approximately $3.45 million) into Curvance and used it as collateral to borrow roughly 11.29 $WBTC (approximately $867,700). The attacker subsequently bridged the $WBTC cross-chain to Ethereum, swapped it for $ETH, and laundered 384 ETH (approximately $821,700) via Tornado Cash.
According to Onchain Lens monitoring, Echo Protocol on Monad has been attacked. The attacker minted 1000 eBTC, worth $76.7 million, and withdrew the funds through Curvance via a previously tested attack path.As of now, the attacker has deposited 45 eBTC as collateral into Curvance and borrowed approximately 11.29 WBTC, worth $867,700; the attacker then cross-chained this portion of WBTC to Ethereum, swapped it for ETH, and transferred 385 ETH (worth approximately $818,000) to Tornado Cash. The attacker currently appears to still control a large amount of the minted eBTC.
Keone Hon, co-founder of Monad, stated that if a pooled lending protocol allows an asset to be deposited as collateral, it should impose rate limits on the increase in supply rather than opening up to the maximum supply cap all at once. For example, if the current supply is $100 million and the cap is $300 million, the supply should only be allowed to increase to $110 million within the next 10 minutes. He noted that this approach would limit the scale of possible withdrawals in the event of a hack targeting heterogeneous assets—particularly those exploiting infinite minting vulnerabilities—thereby constraining the impact of such attacks. Keone Hon believes lending protocols are typically the largest exit channel for associated assets. Implementing a “smart cap”—initially set slightly above the current supply and gradually adjusted over several hours to the true cap—would significantly improve risk control and could have prevented today’s ~$200 million loss for rsETH depositors.