
Echo Protocol Hack Autopsy: The $76 Million Exploit That Wasn’t Really a Hack

In the first four months of 2026, DeFi exploit losses exceeded $1 billion. April was particularly bad: more than 28 separate incidents cost over $634 million, making it the worst month on record for this type of loss.

Drift and KelpDAO together accounted for $577 million of April’s losses, and neither of those incidents involved hacked code.

DefiLlama’s 2026 hack breakdown tells the same story.

The most common ways attackers take funds are LayerZero bridge exploits (18%), compromised admin keys (16%), fake tokens (14%), and compromised user private keys (11%).

Most of the money stolen this year wasn’t taken through complex smart contract bugs. It was taken through failures in how systems were operated and managed, or in how critical signing keys were handled.

Echo Protocol just became the latest data point. 

On May 18th, an attacker minted 1,000 counterfeit eBTC tokens on Echo Protocol’s Monad deployment, notionally worth approximately $76.7 million.

The problem with fake tokens is that they’re useless unless you can exchange them for real assets. So the attacker deposited a small amount into Curvance’s lending platform as collateral and borrowed real Bitcoin against it.

They bridged the Bitcoin to Ethereum, swapped it for ETH, and then routed it through Tornado Cash to obscure the trail. They ended up with approximately $816,000.

Headlines cite $76.7 million; the amount actually taken is $816,000. The gap between those two numbers is the most important part of this story.

Earlier today, Echo Protocol detected suspicious activity on Monad involving eBTC. This resulted in the unauthorized creation of new tokens and a loss of funds. Our investigation shows the problem stemmed from a hacked administrator key for the Monad version of the protocol. We are currently…

— Echo Protocol (@EchoProtocol_) May 19, 2026

This breakdown covers what happened, how, and what it says about DeFi security right now. 

Ultimately, the contract itself was sound. However, a compromised administrator key and weak security measures led to the losses, and this pattern is responsible for the majority of DeFi incidents in 2026.

Post Mortem (The Summary) 

  • Echo Protocol was not hacked through bad smart contract code. The attacker stole or accessed an admin key.
  • That admin key controlled minting rights for Echo’s eBTC token on Monad. One private key was enough to create fake Bitcoin-backed tokens.
  • The attacker minted 1,000 fake eBTC, worth about $76.7 million on paper. But those tokens had no real BTC backing.
  • They could not cash out the full amount because Monad liquidity was thin. So they used 45 fake eBTC as collateral on Curvance.
  • Curvance accepted the fake eBTC as normal collateral and let the attacker borrow real WBTC.
  • The attacker escaped with about $816,000 in real value, not $76.7 million.
  • Echo later burned the remaining 955 fake eBTC and paused affected functions.
  • Monad itself was not hacked. Curvance’s main protocol was not directly hacked either. The failure came from Echo’s admin setup and Curvance trusting newly minted collateral.
  • The core lesson: DeFi attackers are now targeting keys, admins, bridges, infrastructure, and team operations more than smart contract bugs.
  • Basic protections could have reduced or stopped this: multisig admin control, timelocks, mint caps, rate limits, and collateral checks.
  • Echo got lucky. The attacker only failed to drain more because there was not enough liquidity to cash out the fake tokens.

The Players

Here’s the full breakdown of what happened, and how. 

  • Echo Protocol

Echo is a BTCFi project that brings Bitcoin into DeFi. It lets you convert Bitcoin into a wrapped form that can earn yield when used in DeFi applications.

The project is primarily built on Aptos, where its token is known as aBTC. Its total value locked (TVL) peaked at $878 million in May 2025 and currently sits around $254 million.

Echo expanded to Monad as that chain launched its mainnet. On Monad, Echo’s Bitcoin is represented by a token called eBTC.

It’s important to understand that aBTC and eBTC are two distinct cryptocurrencies and cannot be exchanged with each other. They were created independently and aren’t linked. The recent hack only affected eBTC on the Monad network.

  • Monad

This is a recently launched, fast, and scalable blockchain network (Layer 1) that’s generating a lot of excitement. Many new projects are currently being built on it.

Echo experienced an issue, but the Monad network itself wasn’t affected. According to co-founder @keoneHD, Monad continued to operate as expected. The problem was a failure within the Echo protocol, built on top of Monad.

Just to be clear, the Monad network isn’t impacted and continues to function as usual. Security researchers have found that approximately $816,000 was taken due to a recent issue with eBTC, a project by Echo Protocol.

— Keone Hon (@keoneHD) May 18, 2026

  • Curvance

This lending platform is built on Monad and works similarly to Aave. However, it’s designed with extra security: each asset is kept in its own separate pool. This means that if one asset is compromised, it won’t affect the rest of the platform.

They had listed eBTC as a collateral asset.

  • Tornado Cash

This service mixes (or ‘launders’) Ethereum. You send ETH to it and receive the same amount from a new, unrelated wallet, effectively hiding the original transaction history. It’s commonly used by hackers to cover their tracks.

Security Alert: The Echo Protocol on Monad has been hacked. An attacker created (minted) 1,000 $eBTC, valued at $76.7 million, by using a known exploit to steal funds through Curvance. The hacker has already deposited 45 $eBTC (worth $3.45 million)…

— Onchain Lens (@OnchainLens) May 18, 2026

What Got Exploited

Echo’s eBTC token on Monad is a standard ERC-20 built on OpenZeppelin’s widely used role-based access control (AccessControl). That library is the common standard in DeFi, adopted by most reputable projects.

Two roles matter in its setup:

  • DEFAULT_ADMIN_ROLE: the master role. Can grant or revoke any other role on the contract.
  • MINTER_ROLE: can call mint() and create new eBTC tokens.

Normally only the Echo team holds the minter role. New eBTC is minted only after real Bitcoin has been locked as backing, and the team then mints an equivalent amount. That one-to-one process is the foundation of how wrapped tokens work and is what gives them their value.

Here’s where Echo messed up. 

This is the detail that should worry anyone holding the token: all minting power sat in a single wallet. It was an ordinary externally owned account, one private key controlling everything, with no safeguards behind it. Whoever held that key could mint unlimited tokens at any time, with no limits and no checks.

The entire Echo deployment on Monad, part of a protocol holding over $254 million, was secured by that single private key. The key was compromised, and the cause is still unknown. It could have been phishing, malware on a machine, an infrastructure breach, an insider leak, or a flaw in a tooling dependency. Echo hasn’t shared details.

The Attack Step by Step

Date: May 18, 2026, around 5:55 PM ET 

  • Step 1: Attackers use the stolen admin key to grant themselves DEFAULT_ADMIN_ROLE on a fresh wallet. They’re now admin too.
  • Step 2: From that new admin role, they grant themselves MINTER_ROLE. They can now mint.
  • Step 3: They call mint(attacker_wallet, 1000e8). 1,000 eBTC shows up in their wallet. Notional value $76.7M. Real BTC backing: zero. These tokens are completely fake, phantom claims on Bitcoin that don’t exist anywhere.
  • Step 4: They revoke the original Echo admin and their own admin role too. Cleanup move so it looks less suspicious on-chain. From the outside, it just looks like a random wallet holding 1,000 eBTC.

The supply invariant is now broken: there are 1,000 more eBTC in circulation than there is Bitcoin backing them.

At this point the attacker still hasn’t extracted anything of value. The fake tokens are worthless unless someone will trade them for real assets; they are digital fluff until they turn into real money in the attacker’s wallet.

The Cashout Flow

Dumping 1,000 fake eBTC on a decentralized exchange (DEX) wouldn’t work. Monad’s DEXs don’t have enough liquidity to absorb that volume without the price collapsing immediately, and other traders would pile in as soon as the dump started. So the attacker targeted a lending platform instead.

  • Step 5. Deposit 45 eBTC ($3.45M paper value) into Curvance as collateral. Curvance accepts it because, from the contract’s view, eBTC is eBTC. No oracle or check that separates “freshly minted fake eBTC” from “legit BTC-backed eBTC.” That’s the second failure of this hack. Lending markets just accept new collateral at face value without checking where it came from.
  • Step 6. Borrow 11.29 WBTC against it, about $868K of real wrapped Bitcoin. WBTC is the major BTC-on-Ethereum token, deep liquidity, fully backed. They now have $868K of real value, secured by $3.45M of fake collateral they’re never coming back for.
  • Step 7. Bridge the WBTC to Ethereum. That’s where liquidity lives and where Tornado works.
  • Step 8. Swap WBTC to ~384 ETH on Ethereum (~$822K).
  • Step 9. Run the 384 ETH through Tornado Cash. Trail breaks. Funds land in fresh wallets that can’t be traced back.

Total real money out: approximately $816,000.

How Echo Responded

Almost immediately after the hack became known, Echo regained control of the system, destroyed the 955 eBTC that were still in the hacker’s wallet (that wallet is now inactive), and temporarily stopped all features that connected Monad to other blockchains.

As a precaution, they temporarily stopped activity on the Aptos bridge and lending platform, even though those systems hadn’t shown any issues. On Monad, they updated a key contract to limit the problematic functions and plan to apply similar fixes to their other bridges that work with EVM.

Curvance paused its eBTC market. It verified that its own systems were intact and pointed out that its isolated market structure kept the problem from spreading to its other markets.

Keone from Monad clarified the chain was untouched and pegged the actual loss at around $816K.

The Breakdown

The gap between the $76.7 million headline and the $816,000 actually taken tells the whole story. Curvance was the only realistic cashout venue, and its liquidity capped what the attacker could borrow at around $868,000.

| Metric | Value |
|---|---|
| eBTC minted | 1,000 (notional $76.7M) |
| Deposited to Curvance | 45 eBTC |
| WBTC borrowed | 11.29 (~$868K) |
| Sent through Tornado | ~384 ETH (~$822K) |
| Actually stolen | ~$816K |
| eBTC burned by Echo | 955 |
| Aptos exposure | ~$71K |
| ECHO drawdown | ~11-12% |

The remaining 955 eBTC had nowhere to be traded before Echo burned them. Monad’s thin liquidity is the only reason Echo escaped a far larger loss; on Ethereum, the same mint could have turned into losses of around $76 million.

Why this was an operational hack, not a smart contract hack

The code itself wasn’t the problem; it was functioning correctly. The issue stemmed from how Echo had configured everything related to the contract.

  • The admin role was held by a single wallet instead of a multisig. Stealing a single private key was enough to take over the entire protocol.
  • There was no time lock. When the attacker granted themselves admin and then minter rights, those changes went live immediately. No delay, no window for the team to notice and respond.
  • The contract had no maximum supply. Minting 1,000 eBTC with zero BTC backing was technically allowed by the rules of the contract itself.
  • No rate limit either. The attacker minted the entire 1,000 in a single transaction, rather than being forced to spread it out.
  • Curvance accepted the freshly minted eBTC as collateral without checking whether it was legitimately backed. The lending market just saw eBTC tokens in a wallet and treated them the same as real ones.

None of these are unusual or unproven fixes. Multisig admin control, timelocks, mint caps, rate limits, and supply verification have been standard practice in reputable DeFi projects for years. Echo simply didn’t implement them.
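The role setup described under “What Got Exploited” and the missing controls listed just above can be shown in one contract. What follows is an added example, not Echo’s eBTC contract: a wrapped-BTC style ERC-20 that keeps OpenZeppelin’s `MINTER_ROLE` pattern but adds a hard supply cap and a per-window mint limit, and uses OpenZeppelin’s `AccessControlDefaultAdminRules` so that `DEFAULT_ADMIN_ROLE` has exactly one holder and can only move to a new address through a scheduled, delayed transfer. It assumes OpenZeppelin Contracts v5 import paths; the `admin` address (taken to be a multisig), the `GuardedWrappedBTC` name and the cap and window values are assumptions of this example.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added example, not Echo's eBTC contract. Assumes OpenZeppelin Contracts v5
// import paths (e.g. installed with `forge install OpenZeppelin/openzeppelin-contracts`).
import {ERC20} from "@openzeppelin/contracts/token/ERC20/ERC20.sol";
import {AccessControlDefaultAdminRules} from
    "@openzeppelin/contracts/access/extensions/AccessControlDefaultAdminRules.sol";

/// Wrapped-BTC style token whose mint() stays bounded even if a MINTER_ROLE key leaks,
/// and whose DEFAULT_ADMIN_ROLE cannot be handed to a fresh wallet in one transaction.
contract GuardedWrappedBTC is ERC20, AccessControlDefaultAdminRules {
    bytes32 public constant MINTER_ROLE = keccak256("MINTER_ROLE");

    uint256 public immutable maxSupply;          // hard ceiling on totalSupply, in 8-decimal units
    uint256 public immutable mintWindow;         // rate-limit window, seconds
    uint256 public immutable mintLimitPerWindow; // max units mintable per window
    uint256 public windowStart;                  // start of the current rate-limit window
    uint256 public mintedInWindow;               // units minted so far in the current window

    error SupplyCapExceeded(uint256 requested, uint256 remaining);
    error MintRateLimitExceeded(uint256 requested, uint256 remaining);

    /// @param admin               assumed to be a multisig, never an externally owned account
    /// @param adminTransferDelay  seconds an admin handover must wait before it can be accepted
    constructor(
        address admin,
        uint48 adminTransferDelay,
        uint256 maxSupply_,
        uint256 mintWindow_,
        uint256 mintLimitPerWindow_
    )
        ERC20("Guarded Wrapped BTC", "gwBTC")
        AccessControlDefaultAdminRules(adminTransferDelay, admin)
    {
        maxSupply = maxSupply_;
        mintWindow = mintWindow_;
        mintLimitPerWindow = mintLimitPerWindow_;
        windowStart = block.timestamp;
    }

    // Match Bitcoin's satoshi granularity, as the page's mint(attacker_wallet, 1000e8) implies.
    function decimals() public pure override returns (uint8) {
        return 8;
    }

    /// Still role-gated, but a stolen minter key can move at most mintLimitPerWindow
    /// per window and can never push totalSupply past maxSupply.
    function mint(address to, uint256 amount) external onlyRole(MINTER_ROLE) {
        uint256 remainingCap = maxSupply - totalSupply();
        if (amount > remainingCap) revert SupplyCapExceeded(amount, remainingCap);

        // Roll the rate-limit window forward once it has elapsed.
        if (block.timestamp >= windowStart + mintWindow) {
            windowStart = block.timestamp;
            mintedInWindow = 0;
        }
        uint256 remainingInWindow = mintLimitPerWindow - mintedInWindow;
        if (amount > remainingInWindow) revert MintRateLimitExceeded(amount, remainingInWindow);
        mintedInWindow += amount;

        _mint(to, amount);
    }
}
```

Against the attack steps above: Step 1 (`grantRole(DEFAULT_ADMIN_ROLE, freshWallet)`) reverts under `AccessControlDefaultAdminRules`; the only way to move admin is `beginDefaultAdminTransfer` followed by `acceptDefaultAdminTransfer` after the configured delay, and the scheduling emits an event that a monitor can alert on during that window. Step 2 still requires the admin key, so the admin should be a multisig, optionally behind a `TimelockController` so that minter grants are also delayed. Step 3 is bounded by `maxSupply` and `mintLimitPerWindow` rather than being limited only by what the key holder wants. None of this replaces key hygiene; it turns a single leaked key from a total loss into a contained, observable one.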

May 2026 looks like this

Echo is the 14th hack this month. The year so far:

| Protocol | Loss | Vector |
|---|---|---|
| KelpDAO (Apr) | $292M | RPC poisoning + DDoS (Lazarus) |
| Drift | $285M | Social engineering (Lazarus, UNC4736) |
| THORChain (May 15) | $10M+ | Vault breach |
| Verus bridge (May 17) | $11.6M | Cross-chain verification |
| Echo (May 18) | $816K | Admin key |
| Transit Finance | $1.88M | Deprecated contract |

In 2026, bridge hacks have cost around $328.6 million across 8 separate attacks, and none of them came from a flaw in the Solidity code itself. Attackers are going after private keys, signing processes, RPC endpoints, and off-chain verification systems; they have moved up the stack. A few of this year’s notable incidents:

  • Drift (April): Not a technical exploit. UNC4736 (North Korea) spent six months social engineering Drift employees, then drained $285M in 12 minutes. Six months of prep, 12 minutes of execution. That’s a military op, not a hack.
  • KelpDAO (17 days later): Same group, completely different vector. They poisoned LayerZero’s RPC infrastructure and forged cross-chain messages for $292M. State-sponsored teams running multiple playbooks in parallel.
  • AI is showing up too: Google confirmed the first AI-powered mass exploit on May 11 (AI found a zero-day and wrote bypass code for 2FA). GoPlus reported a 231% MoM jump in Web3 losses partly tied to AI. CrowdStrike puts the average eCrime breakout time at 29 minutes, with the fastest at 27 seconds. The attack side is automating, defense mostly isn’t.
  • Resolv Labs (March): Admin key compromise on a stablecoin issuer. Attacker minted 80M unbacked USR, drained $25M, and USR depegged by 80%. Same root cause as Echo, completely different protocol type. The pattern doesn’t care what you’re building.

Ondo Finance made a clear point in their review of a recent incident: there isn’t one simple type of security flaw to protect against. Many projects still haven’t fully grasped this idea.

The Echo theft wasn’t an isolated incident. It happened during a period of unusually high security risk for DeFi, and Echo’s security posture was stuck at 2022 standards.

So what?

Over the past five years, the world of DeFi has made significant strides in smart contract security. This includes improvements like thorough audits, bug bounty programs, and formal verification methods.

Attackers shifted their focus from the software code itself to everything surrounding it – things like encryption keys, servers, employees, and even those responsible for signing code. These supporting elements rarely undergo security checks, making them vulnerable.

When it comes to protocols that represent Bitcoin, the most important thing to consider is who has the ability to create (or ‘mint’) new tokens, and how difficult it would be for someone to gain control of that ability.

A truly secure project needs multiple signatures with a time delay, a limit on how many tokens can be created, and a system to verify the source of any new funds used as collateral. If it’s just a single wallet controlled by one key, that’s $254 million at risk of being stolen. The Echo project fell into the latter category.

Tracking the fallout from recent exploits shows the damage isn’t isolated. Aave wasn’t directly hacked in April, yet it saw a $5.4 billion drop in Total Value Locked (TVL) within 48 hours of the KelpDAO incident. Users didn’t just pull funds from the affected protocol; they withdrew across the entire DeFi sector. That is the new reality: when one protocol is compromised, the whole market reprices.

The fixes aren’t groundbreaking; they’ve been known for years. Requiring multiple approvals for admin actions, delaying changes with a timelock, capping total supply, and verifying collateral are all established practice. The problem is that none of them attract users or improve the user experience, so projects tend to implement them only after a major incident forces their hand.

Echo was lucky the attacker couldn’t profit fully because there wasn’t enough trading activity on the platform. Future projects won’t be able to use that as a reason if they’re attacked.


2026-05-25 17:27