1 hour ago
669
In a significant security lapse, SecondFi, a wallet application within the Cardano ecosystem, suffered a major breach that led to the theft of assets worth millions. Previously known as Yoroi, SecondFi has reported that on June 23, vulnerabilities in its system potentially compromised users’ private keys, leading to possible unauthorized access to their funds.
How Extensive Is the Damage?
The breach resulted in at least 178 wallets being directly affected, with confirmed losses amounting to 16 million ADA, approximately valued at $2.4 million. The stolen assets include various cryptocurrencies and NFTs, underscoring the breach’s broad impact.
Could Users’ Assets Still Be at Risk?
Yes. The security firm SlowMist indicates that the risk could extend far beyond initial projections, estimating that up to 129 million ADA could be vulnerable. This projection hints at additional, untouched wallet exposures.
SecondFi acknowledged that their Cardano wallet software contained the root vulnerability causing this breach. Affected users are urged to relocate their assets for enhanced security, as the platform temporarily halted all transactions following the incident.
SecondFi’s relaunch from Yoroi in April 2026 only compounded the breach’s impact, linking the issue to a wallet with vital connections to Cardano’s origins. This association with Cardano’s history has raised concerns about the ecosystem’s overall security.
- 178 wallets have been confirmed to be affected.
- Losses total 16 million ADA, worth around $2.4 million.
- Potential exposure may put up to 129 million ADA at risk.
Other threats have emerged as scammers exploit the breach, impersonating SecondFi and offering fraudulent recovery tools to deceive users. Experts urge users to create new private keys and transfer their holdings to secure wallets while awaiting a full security report and resumed operations.
English (US)