Bitcoin-based decentralized finance (DeFi) platform Echo Protocol was the target of a cyber attack that resulted in the minting of approximately $77 million worth of eBTC. The incident was shared with the public by security company PeckShield on Tuesday.
Details of the Attack
As part of the attack, the administrator key of Echo Protocol in the Monad blockchain network was seized, thus generating a total of 1,000 unauthorized eBTCs. The attacker borrowed $3.45 million worth of wrapped bitcoin (WBTC), using the obtained eBTCs as collateral. Following these transactions, the resulting assets were transferred to conceal their traces through a privacy-focused crypto mixer called Tornado Cash.
Echo Protocol announced that after the attack, the administrator keys were taken back under control and the remaining 955 eBTC in the attacker’s possession were burned. In addition, it was shared that inter-chain transfer functions on Monad were stopped and the security level of the relevant contract was increased for critical transactions.
Function of the Platform and Internetwork Activity
Echo Protocol offers users the opportunity to convert their bitcoin amounts into synthetic tokens and provide liquidity and returns on them. Although the main network of the platform is known as Aptos, over time it began to operate on different blockchain networks such as Monad. This differentiation increased the platform’s interaction on various chains.
After the attack, it was announced that the Aptos bridge was not affected, but bridge operations were completely stopped in order to prevent risks. Echo Protocol stated that this injunction will last until the investigations are completed.
Increasing Attacks on DeFi Projects
There has been a significant increase in attacks targeting decentralized protocols in recent weeks. In particular, projects such as Drift Protocol and KelpDAO were at the center of similar attacks that caused over 200 million dollars in damage. This has caused significant concern in the decentralized finance world about the security of smart contracts and administrator access.
Tornado Cash, which is used to hide the traces of crypto assets, has recently become a frequently preferred intermediary in illegal transfers. Tornado Cash, which was included in the sanctions list by the USA due to illegal transactions, continues to come to the fore in such events.
Cyber attacks have once again demonstrated that taking quick precautions and detecting security vulnerabilities in the crypto industry is of critical importance. Platform administrators care about informing the community against similar threats and regularly strengthening the technical infrastructure.
Recent developments regarding Echo Protocol have revealed that risks regarding the security of administrator keys and cross-chain operations on DeFi platforms continue. Experts point out that more advanced security systems should be adopted against such threats.
