- Hacking Echo Admin keys resulted in $76.7M in illegal eBTC production.
- The attacker used fake eBTC to borrow and link real crypto assets.
- The ECHO token has fallen sharply as panic selling quickly hit the market.
The ECHO token came under intense pressure after a major security breach associated with the Echo Protocol led to the illegal creation of approximately $76.7 million worth of eBTC, causing a global loss of confidence.
This practice was carried out in a random access violation, which allows the attacker to bypass normal restrictions and create artificial objects without collateral.
The use quickly grew from a technical breach to disrupting the entire market.
A few hours after the scheme became known, the ECHO token fell sharply as traders rushed out of the uncertainty surrounding the stability of the scheme and the growth of eBTC.
Hacking the Admin keys made eBTC unlimited
At the heart of the exploit was spoofing the admin secret key, which gave the attacker control over production permissions within the Echo Protocol system.
With this advantage, the attacker was able to generate around 1,000 eBTC tokens without having to deposit any collateral.
These tokens are not backed by real Bitcoin databases, meaning they act as virtual tokens within the system.
The sudden growth of eBTC to nearly $76 million in value led to the recent crash of the integrated lending system or trading that accepted it as collateral.
After it was created, the attacker began to run the product through financial programs.
A portion of the fake eBTC was deposited into lending markets such as Curvance, where it was used to borrow wrapped Bitcoin (WBTC).
From there, the borrowed funds were connected to the network, converted to ETH, and partially managed by private devices, including Tornado Cashin order to hide the ways of trade.
Blockchain researchers who tracked the flow of money observed that approximately 955 eBTC remained under the control of the attackers, representing a significant amount of illegal assets.
Only a small portion of the stolen value was successfully converted into liquid assets at the beginning of the project.
The ECHO symbol has fallen sharply as panic spreads through the market
When the project became known, the ECHO brand took immediate action.
The price has fallen by 11% in a short period of time, reflecting the current market concern for the safety of the protocol and the potential impact of the increase in BTC’s supply in the ecosystem.
The market faced two major risks.
The first was the ability to refactor or continue exploits if access controls were not adequately protected.
The second was the uncertainty surrounding the bad debt created in the lending markets where decentralized eBTC was previously used as collateral.
Fluid properties became stronger as participants reduced their exposure to ECHO and related properties.
The sudden outflow of interest increased significantly, furthering the benchmark’s decline and increasing volatility among related trading groups.
Echo Protocol stops the service and starts searching
In response to the breach, Echo Protocol stopped suspending communications services, aiming to slow down the flow of stolen funds and prevent other forms of fraud.
The suspension affected the operation of the bridge and chains, which were used by the attacker to move goods between networks during the cleaning process.
The incident did not affect the core of the Monad blockchain, which continued to function normally.
This issue is separated from the control part of the Echo Protocol, specifically the privileged permissions associated with mining managers.
Security researchers investigating the breach pointed to a breach of the admin password as a point of failure.
Instead of having to deal with the mathematical problems of tokens or the logic of the contract, the attack used a control vulnerability that allowed an unlimited supply of assets when the key was revealed.
