Key Takeaways
- Eco exploits on Monad Bridge
- Attacker allegedly issued 1,000 eBTC to defraud approximately $816,000
Fake 1,000 BTC Alternative Tokens Without Collateral
Echo Protocol, a protocol for operating bitcoin in DeFi (decentralized finance), was hacked on May 19, 2026. The attacker exploited a loophole in the verification of the “bridge” responsible for transferring virtual assets between chains, allowing the attacker to illegally generate 1,000 BTC alternative tokens, or “eBTC”, which originally required collateral.
Dcfgod, an on-chain analyst, was the first to detect the anomaly; security firm PeckShield tracked the funds. Eco officially announced that it immediately suspended all cross-chain transactions and is investigating the incident.
The attacker exploited a vulnerability in Eco’s Monad Bridge, which allowed it to illegally issue 1,000 new eBTC. Of this total, 45 eBTC (worth approximately $34,500) were deposited as collateral on the lending protocol Curvance and 11.29 wrapped bitcoins (WBTC) were borrowed.
The assets were then bridged to the ethereum network and exchanged for ETH. In the end, the attacker transferred 384 ETH to the privacy tool Tornado Cash to hide the funds.
Keone Hon, Monad chief executive, clarified that the security incident has not altered the Monad network itself in any way.
Moreover, according to a survey by security researchers, the damage caused by the attack is estimated to be about $816,000 (about 130 million yen). Carvance has temporarily suspended the affected market and is responding to issues.
This attack is the third major DeFi hack in the past five days. On May 15, THORChain was attacked on a safe, resulting in more than $10 million in outflows; Verus’ Ethereum bridge was also damaged by about $11.6 million. In May 2026 alone, the number of cryptocurrency hacks rose to 14. Attacks targeting bridges are relentless.
The year 2026 has been a record-breaking year for DeFi security, with the industry as a whole calling for a fundamental change in bridge design following reports of $635 million in damage in April.
Bridges, which are responsible for cross-chain asset transfers, are easy targets for attackers due to their mechanism of locking tokens on one chain and minting them on the other. This eco case also highlights the structural risk of inadequate verification of minting authority.
