BREAKING
Jul 4California Just Started Fining Unlicensed Crypto Platforms $100,000 a DayJul 4Six Feds Have 14 Days to Write the Rules for a $320 Billion IndustryJul 310.8 Million Bitcoin Are Now Held at a Loss. Every Time This Happened Before, the Bottom Was In.Jul 3A Privacy Protocol Built to Hide Your Crypto Just Lost 99% of Its Treasury to HackersJul 2The Ethereum Foundation Imploded. Now Two New Orgs — Backed by $11 Billion in ETH — Are Moving In.Jul 2Robinhood Just Launched a Blockchain — And AI Agents Can Now Trade Your Money 24/7Jul 1140 Firms Including Visa, BlackRock, and Google Just Built a Circle KillerJul 1He Promised Crypto Liquidity Yields for 3 Years. It Was a Lie. Now He's Forfeiting 11 Cars.Jun 30The UK Just Halved Its Crypto Capital Rules to Poach Firms From EuropeJun 30Saylor Said 'Never Sell' for Six Years. His Company Just Authorized Selling $1.25 Billion in BitcoinJul 4California Just Started Fining Unlicensed Crypto Platforms $100,000 a DayJul 4Six Feds Have 14 Days to Write the Rules for a $320 Billion IndustryJul 310.8 Million Bitcoin Are Now Held at a Loss. Every Time This Happened Before, the Bottom Was In.Jul 3A Privacy Protocol Built to Hide Your Crypto Just Lost 99% of Its Treasury to HackersJul 2The Ethereum Foundation Imploded. Now Two New Orgs — Backed by $11 Billion in ETH — Are Moving In.Jul 2Robinhood Just Launched a Blockchain — And AI Agents Can Now Trade Your Money 24/7Jul 1140 Firms Including Visa, BlackRock, and Google Just Built a Circle KillerJul 1He Promised Crypto Liquidity Yields for 3 Years. It Was a Lie. Now He's Forfeiting 11 Cars.Jun 30The UK Just Halved Its Crypto Capital Rules to Poach Firms From EuropeJun 30Saylor Said 'Never Sell' for Six Years. His Company Just Authorized Selling $1.25 Billion in Bitcoin
BTC -- --%
ETH -- --%
Fear & Greed F&G 22 Extreme Fear
ESC
Type to search articles
A Hacker 'Stole' $76M in Bitcoin Today. The Actual Damage? $816K.
BREAKING

A Hacker 'Stole' $76M in Bitcoin Today. The Actual Damage? $816K.

A hacker minted $76.7 million worth of fake Bitcoin on the Monad blockchain this morning. They walked away with $816,000.

That gap — $75.9 million — is the story.

What Happened

Echo Protocol, a BTCFi (Bitcoin DeFi) platform deployed on Monad, was exploited at around 2:30 a.m. ET on May 19. The attacker didn’t find a bug in the smart contracts. They stole the admin key.

With that single private key — no multisig, no timelock, nothing — the attacker minted 1,000 eBTC, Echo’s wrapped Bitcoin token on Monad, worth approximately $76.7 million at current prices.

Then the laundering began:

  1. Deposited 45 eBTC as collateral into Curvance, a DeFi lending protocol
  2. Borrowed 11.29 WBTC (~$867,700) against it
  3. Bridged the WBTC to Ethereum
  4. Swapped for ~385 ETH
  5. Sent it all through Tornado Cash

The remaining 955 eBTC — all $73+ million of it — sat in the attacker’s wallet, essentially stranded. You can’t easily dump $73M of an illiquid wrapped token without destroying the price.

The Recovery

Echo’s team regained control of the admin key and burned the 955 eBTC still held by the attacker, wiping out the phantom supply. Curvance paused the Echo eBTC market as a precaution. Monad co-founder Keone Hon confirmed the Monad network itself was never breached — consensus was unaffected.

The exploit was fully contained at the protocol level. The chain kept running.

Why the Contract “Worked As Designed” Is the Scary Part

On-chain researchers noted that the eBTC minting contract functioned exactly as intended. The problem was the infrastructure around it:

  • Single admin key with no multisig
  • No timelock on privileged operations
  • No mint cap or issuance rate limit
  • No supply sanity check by Curvance when accepting freshly minted eBTC as collateral

The hack didn’t require any coding genius. Someone got the key — whether through phishing, infrastructure breach, or insider access — and the rest was just API calls.

This is now the 14th crypto exploit in May 2026 alone.

What It Means for Monad

This was Echo’s problem, not Monad’s. But it lands at a critical moment — Monad has been positioning itself as a high-performance EVM L1, and early-ecosystem protocol security directly shapes how builders and LPs perceive the chain.

Keone Hon’s quick, public statement helped. But the BTCFi ecosystem on Monad just took a visibility hit it didn’t need.

Why This Matters for Crypto Jobs

Admin key compromise is now one of the top exploit vectors in DeFi — and it’s a people + operations problem, not a pure engineering one. The demand for:

  • Smart contract auditors who audit key management, not just code
  • DevSecOps engineers who implement multisig, HSMs, and timelocks as standard
  • Protocol security leads who own the full operational security surface

…is going up. If you’re a builder: knowing how to not do what Echo did is a career-defining skill in 2026.


Looking for your next crypto security or DeFi role? Browse open positions at cryptogrind.com — the job board built for Web3 builders.

How did this hit?

Discussion

Comments are powered by GitHub. Sign in with your GitHub account to chime in.

Related jobs on Cryptogrind

View all

Looking for your next crypto role?

Browse hundreds of Web3 and crypto positions on Cryptogrind — from smart contract engineers to DeFi analysts.

Browse jobs