Echo Protocol Attacked on Monad, Loss Exceeds $76 Million

Echo Protocol had previously deployed cross-chain BTC products rapidly on the Monad testnet and mainnet, and this attack exposed the inadequacy of its minting mechanism verification. Similar vulnerabilities had previously occurred in multiple DeFi projects on Monad due to contract permissions or oracle issues, and Echo, as an early liquidity project, failed to conduct a formal audit adequately.

In terms of capital flow, the attacker utilized a tested flash loan + collateral lending process to quickly convert counterfeit eBTC into real ETH and launder it through Tornado Cash. The Echo protocol's liquidity pool faced massive withdrawals post-attack, motivated by exploiting the early liquidity shortage and immature contracts of the new chain to achieve low-cost, high-yield attacks.

Similar to multiple early Monad projects (like lending protocols) being attacked due to similar minting vulnerabilities in 2024-2025, and the historical large losses of cross-chain bridges like Ronin and Nomad, Echo Protocol is currently in a transitional phase from rapid expansion to security reshuffling within the Monad ecosystem.

Structural judgment: Essentially a technical substitution. The pursuit of high performance in emerging Layer 1s leads to relatively weak contract verification and permission control. The mechanism of combining flash loans + mintable assets allows a single vulnerability to enable large-scale fund extraction, forcing liquidity value to concentrate from experimental new chain protocols to mature DeFi infrastructures that have undergone multiple rounds of audits and formal verification.

ABAB News · Cognitive Law

The faster the new chain, the more expensive the vulnerabilities.
Minting is easy, laundering is faster.
Audits lag behind, funds run first.