QUADRIGA INITIATIVE
CRYPTO WATCHDOG & FRAUD RECOVERY PLATFORM
A COMMUNITY-BASED, NOT-FOR-PROFIT
UNKNOWN
JUNE 2025
GLOBAL
ECHO PROTOCOL
DESCRIPTION OF EVENTS
Echo Protocol is a comprehensive and unified ecosystem built to unlock the full potential of Bitcoin (BTC) by enabling users to bridge, stake, and earn yield on their BTC assets. Through its platform, users can stake their Bitcoin to access high-yield DeFi opportunities while benefiting from a streamlined and secure staking process. Echo promotes a “fluffy” and accessible experience for both novice and experienced users in the Bitcoin DeFi space.
The protocol boasts a significant total value locked (TVL) of over $329 million, with more than 3,500 BTC currently staked. Echo Strategy and Echo Lending are two key components of the platform. Echo Strategy helps users maximize BTC yields with an annual percentage yield (APY) of up to 22%, while Echo Lending offers a lending market with over $220 million in net assets, $22.3 million borrowed, and a 9.16% utilization rate.
Echo is structured into multiple layers—BTC Liquidity & Aggregation, BTC LST Infrastructure, and BTC Yield Layer—all designed to work seamlessly together. Backed by leading investors and partners, Echo invites users to explore documentation, join the community on platforms like Discord and Telegram, and become part of what it calls the “fluffy side of Bitcoin.”
It would appear that Echo Protocol's Twitter/X account was not fully secure.
"According to the Echo team, the official X account was compromised yesterday by unknown actors and used briefly to disseminate misinformation and suspicious links unrelated to the project."
It is unclear what losses are directly attributable to this situation.
"The team promptly activated emergency response protocols and worked closely with X’s security team to resolve the issue. The account was successfully recovered earlier today."
According to the founder, links were being removed live by "swift response[s] from Doppel".
Echo Protocol founder JP notes that there do not appear to have been any significant fund withdrawals during the period in question.
"All user funds and data remain secure, and the smart contracts governing the protocol continue to operate without disruption."
"Echo Protocol has already strengthened its internal account security procedures and urges community members to stay vigilant and avoid interacting with unverified links or unauthorized communications."
"Echo Protocol founder JP (@jonphayyy) also issued an official statement via his personal X account following the successful account recovery."
There is no indication that the protocol is taking any actions to assist affected users.
According to found JP, the team "will be publishing a detailed public report outlining the incident, including how the compromise occurred on our X account which has been an increasingly common issue across crypto projects. We are also actively reviewing our internal processes to strengthen our security and ensure this doesn’t happen again. A full scale investigation will also be conducted to find out who our hacker was given that this was a professionally orchestrated attack."
"The team also stated that it will further investigate the breach and is prepared to pursue legal action if warranted."
SlowMist - "SlowMist Security Alert It appears that @EchoProtocol_ ’s X account has been compromised, and the reported hack is fake. The links to a phishing Telegram channel pushing a fake Safeguard verification bot — a known scam tactic. Do not click the link. Stay alert." - Twitter/X (Jun 17)
New Scam Technique - Fake Safeguard Scam on Telegram - SlowMist Medium (Jun 17)
Echo Protocol - "Echo is partnering with @hyperion_xyz. We’re bringing deeper liquidity, better incentives, and more ways to earn with BTC in DeFi. Stay tuned for more partnership deets!" - Twitter/X (Jun 17)
Echo Protocol - "As of this morning, we have regained full control of our X account. Several posts made during the breach contained false information shared by the attacker. Those were untrue and do not reflect the views or actions of the Echo team." - Twitter/X (Jun 17)
Echo Protocol - "@OdailyChina and @Foresight_News have reported on Echo Protocol’s successful recovery of its X account following the recent breach." - Twitter/X (Jun 17)
Echo Protocol - "Echo Protocol, a key infrastructure protocol built on the Bitcoin ecosystem, announced today that it has successfully regained access to its official X account (@EchoProtocol_). The account is now fully operational and secure, with complete administrative control restored." - Twitter/X (Jun 17)
AirBeeHoliday - "Fix your X account." - Twitter/X (Jun 17)
MikeApt - "@EchoProtocol_ account has been hacked, Ignore any tweets please share this tweet." - Twitter/X (Jun 17)
DecenaMarketing - "WARNING! Certik, a leading blockchain security company investigated @EchoProtocol_ to find out that the account was hijacked! There were no reported victims, yet the incident could have influenced its hot wallet owning followers and put them at the highest risk. Get a" - Twitter/X (Jun 17)
CertiKAlert CertiK Alert - "#CertiKInsight @EchoProtocol_ X account has been compromised. Please ignore all posts and do not interact until the issue is resolved. Stay Vigilant!" - Twitter/X (Jun 17)
titanapt titan.loonies - " @Aptos Community Alert: The @EchoProtocol_ The X account is hacked. DO NOT engage with recent posts or click any links, especially new Telegram ones. The Echo Protocol itself is SAFE - - and all BTC on Aptos is secure. The team is resolving the issue with X. Stay" - Twitter/X (Jun 17)
JP Echo - "Please follow our official account @echoprotocolxyz for updates as we work closely with X to recover our original account. In the meantime, stay safe and avoid clicking on any links shared by @EchoProtocol_. We will continue to share official updates through @echoprotocolxyz." - Twitter/X (Jun 17)
GoPlusZH - "The Bitcoin restaking platform @EchoProtocol_ is suspected of having its Twitter account compromised. The claim that 2,515.648579 uBTC was stolen, posted by this account, is false information. The provided Telegram link for Echo Protocol leads to a fake Safeguard phishing scam. Do not click it to avoid asset loss!" - Twitter/X (Jun 17)
VJweb3 VJ - "hey Aptos fam, the @EchoProtocol_'s X account seems compromised better not to engage with anything until further updates from their team last month, Thetis Market's X account was also compromised, but the team has not yet posted the reasons & started posting their products" - Twitter/X (Jun 17)
thecaptaingates Chetan the "Robo" - "Thank you, @PocketUniverseZ, for hiding the @EchoProtocol_ tweets on the timeline for now, for the users of the extension (Even if its an Aptos protocol, not an EVM-based one). Ive been using Pocket Universe for years now, and it runs and tests transactions on MetaMask for you" - Twitter/X (Jun 17)
Msageer - "PSA: The official @EchoProtocol_ X account has been compromised. No user funds or data affected Protocol is fully secure Avoid clicking suspicious links Follow @echoprotocolxyz for updates Let's stay vigilant and report any shady posts." - Twitter/X (Jun 17)
guohai123 APT - " @EchoProtocol_ TGE" - Twitter/X (Jun 17)
M_Blinkx - "@apt_miguel @EchoProtocol_ Thanks for the heads up. Hope the Echo team regains their account back soon." - Twitter/X (Jun 17)
Umbrel_nega Umbrel - " @EchoProtocol_ twitterTwitter" - Twitter/X (Jun 17)
angelataptos angel.apt - "@EchoProtocol_ has notified us that their X account just got compromised and they are working with X to get it back. Please be mindful out there everyone and do not interact with any links on the latest post. The current post on their account is not legitimate." - Twitter/X (Jun 17)
apt_miguel MikeApt - "BREAKING @EchoProtocol_ X account has been hacked, Ignore any tweets please share this tweet." - Twitter/X (Jun 17)
M_Blinkx - "Glad to see @EchoProtocol_ back in control. Security breaches are tough—but transparency and swift action matter most Lets look forward for full the update!" - Twitter/X (Jun 17)
M_Blinkx - "@echoprotocolxyz @EchoProtocol_ Community's got your back — security first, always. Let's rebuild stronger." - Twitter/X (Jun 17)
Ericmoore_11 Ericmoore.apt - "BREAKING @EchoProtocol_ X account has been hacked, Ignore any tweets Apparently, a new TG has been put there to mislead non-suspecting victims Please stay safe and share this tweet." - Twitter/X (Jun 17)
SarkyUsman Usman.Apt - "Dont interact with @EchoProtocol_ as their x account being hacked" - Twitter/X (Jun 17)
muhammad_ayk MKAY - "Breaking.... @EchoProtocol_ X account has been hacked, be careful with what you see there or click there" - Twitter/X (Jun 17)
Rid1_Tamil - "SCAM ALERT The post about @EchoProtocol_ $EP claim is FAKE. The link (token-echoprotocolcom) comes from a HACKED account. Do NOT connect your wallet Do NOT click any links Always verify from official sources Stay safe out there my @Aptos Homie" - Twitter/X (Jun 17)
M_Blinkx - "It's been confirmed that the @EchoProtocol_ X account has been compromised. Please DO NOT interact with or click on any links from their recent posts. The Echo team is actively working with X to regain full control of the account. Let's all stay sharp and protect ourselves." - Twitter/X (Jun 17)
mr_zaroq mr_zaroq.apt - "@EchoProtocol_ X account has been compromised Do not join the Telegram link in the second tweet of the pinned thread" - Twitter/X (Jun 17)
kantianum Kantian - "@EchoProtocol_ Can you please check your DMs" - Twitter/X (Jun 17)
thisttv ttV (Jun 17)
Echo Protocol Homepage (Jun 17)
