- Echo Protocol saw a major security breach on Wednesday, when compromised keys hit the Monad deployment that allowed attackers to obtain 1,000 eBTC tokens.
- Exposures associated with Aptos’ investment pools and rental markets remained at approximately $71,000.
- The price of ECHO presented a definite risk below the February 2026 low of $0.0055, increasing the risk of a near-term correction.
Echo Protocol, a Bitcoin liquidity and yield aggregation platform, saw a sudden sell-off of 12% ahead of Wednesday’s US market hours to trade at $0.0049. The main contributor of this fall is serious security breach on the eBTC deployment of the Monad blockchain, where the attacker used a compromised control key to generate 1,000 eBTC tokens. The team immediately halted Monad communications operations to assess the damage, and began a full assessment of the incident and raising the bridge.
Echo Protocol Interrupts Admin Violations on Monad Deployment
Another security incident occurred with the eBTC deployment on the Monad blockchain, where unauthorized tokens were created, and approximately $816,000 was withdrawn. The incident, which occurred on May 19, 2026, was the result of a compromised management key rather than a fault in smart contracts or the Monad network.
Spending and Cash Flow
According to data on the chain, hackers took control of the administration and created around 1,000 eBTC tokens. At current prices, this was worth $76-77 million. The exploiter put a stake—around 45 eBTC—on the Curvance lending system as collateral. From there, he withdrew WBTC, exchanged the tokens to ETH, and sent about 384-385 ETH through Tornado Cash to hide these assets.
Peckshield, among other security firms, managed the project and estimated the actual loss at about $816,000. After the first steps, the attacker still has control of 955 eBTC. Later, Echo Protocol confirmed that it recovered the admin keys, and deleted all the tokens stored by the adversary.
The Monad network worked without interruption. Co-founder Keone Hon publicly stated that the blockchain infrastructure was not affected by the event and is working as normal.
Solutions and Storage Methods
Echo Protocol responded quickly after being identified. The team stopped the integration processes associated with the deployment of Monad and upgraded the relevant contracts to improve the management of critical tasks and prevent other unauthorized activities. The use of the bridge in other areas was also evaluated.
As a precautionary measure, although no evidence of tampering was found on the Aptos Bridge, crews suspended operations there. Echo believes that aBTC on Aptos and eBTC on Monad are mutually exclusive. The rental market and the depository in the Exposure on Aptos were only about $71,000 in full exposure, and no losses were confirmed at the time of the announcement.
The protocol also encouraged users to stay away from any unauthorized sites, claims for refunds, or recovery sites, and emphasized that only legitimate methods should be used to communicate with the government. This group cannot request private keys or direct transfers.
Echo Protocol Becomes Third Major Breach in Four Days
The Echo protocol incident closely follows another known breach. On May 15, THORChain was misused for a total of $10.8 million on four chains: Bitcoin, Ethereum, BSC, and Base, which caused a pause in trading and signing. The latest event to drain Verus-Ethereum was about $11.5 million, on May 18. The third largest event in just four days is Echo.
This pace is similar to other times this year. The largest loss of $ 600 million occurred in April 2026, due to the risk of water recycling. KelpDAO Through the LayerZero bridge attack and social engineering attack on Drift Protocol’s decentralized perpetuals exchange that resulted in a loss of $285 million. Malfunctions in the DeFi sector grew rapidly in early 2026, and bridge-related hacks continue to be a major threat.
These repeated incidents highlight the ongoing challenges of managing privileged keys, messaging, and transaction security in DeFi. Even after the analysis, one failure such as admin control (non-multisig) without time blocks or pointers to create folders still exists in the protocol.
Full Safety Inspection and Bridge Upgrade Underway
Echo Protocol revealed that it is conducting a comprehensive study of Monad deployment, bridge architecture, licensing architecture, design concepts, and security practices. External defense cooperation and cooperation with the environment are being carried out to determine the extent of the incident and to implement preventive measures. Additional upgrades to EVM-series bridge deployments are underway to further strengthen bridge security.
The leak appears to be limited to the Monad deployment for now. There has been no evidence of serious inconsistencies with other chains supported by Echo. The market responded, with a downtrend for ECHO and related indicators.
Key Support Areas to Watch as ECHO’s Price Drops Newly
Since last week, the price of Echo Protocol has dropped from $0.0072 to the current price of $0.0049, registering a loss of $36%. As a result, the market cap is down to $1.56M and the 24-hour trading volume is up 20% to $116.96K, indicating strong sales.
During this fall, the price of the coin fell sharply below the February 2026 low of $0.0055. Since today’s volatility was fueled by speculation about the hijacking, ECHO’s price may show volatility in the coming days.
The price may decline again from the recent support of $0.00485 and retest the broken level of $0.0055 as resistance to check its stability for further moves. If traders maintain this resistance, ECHO’s price could drop another 34% to hit $0.0032.
In fact, if the price of money can recover $ 0.55 below, buyers can try its first leg of recovery to $ 0.077.
