SecondFi traces Cardano wallet exploit to address-level issue

SecondFi traces Cardano wallet exploit to address-level issue

Cardano wallet SecondFi traced the incident to an address-level issue and secured 129 million ADA after attackers drained funds from 374 addresses.

Source: SecondFi

“SecondFi’s wallet software exposed the private keys it generated,” Mitchell Amador, CEO of security company Immunefi, told Cointelegraph. Amador said that while the blockchain remained secure, the code that generates the keys is the “part nobody audits like a contract.” He added that attackers have increasingly shifted focus toward infrastructure that creates or stores crypto keys rather than blockchain protocols.

Related: AI models led to a ‘vulnerability apocalypse’ in crypto security: Immunefi CEO

“Recovery to another platform or wallet does not mitigate the risk,” SecondFi said, advising users not to restore their recovery phrases into new Cardano wallets. The guidance differed from recommendations by some community members, who urged users to migrate affected wallets and move funds to newly created addresses.

SecondFi is a self-custodial platform built on Cardano that rebranded from the Yoroi wallet in April 2026. Yoroi was developed by Emurgo, which describes itself as the "for-profit arm of Cardano," and was launched as the first open-source light wallet for the Cardano blockchain.

Hoskinson said IOG’s incident response team has been in contact with SecondFi since Monday and that the platform requested an independent security audit.

Source: Charles Hoskinson

In a Tuesday video posted on X, Hoskinson stressed that IOG “is not Emurgo,” adding that the company has no influence over Emurgo and cannot speak on its behalf regarding the exploit. “We didn’t write the code and we’re not connected to it,” he said.

Magazine: Japanese pension fund tips 1% in crypto, G7 urges action on NK hackers: Asia Express

More on the subject