July 06, 2026 ChainGPT

SecondFi Won't Reopen After 16M ADA Cardano Wallet Exploit — EMURGO Shifts to Recovery

SecondFi Won't Reopen After 16M ADA Cardano Wallet Exploit — EMURGO Shifts to Recovery
Headline: SecondFi won’t reopen after Cardano wallet exploit — EMURGO pivots to asset recovery EMURGO announced that SecondFi will not return to normal operations after a recent security incident that drained roughly 16 million ADA from 374 addresses. Instead of restoring the product, the team says its work will now be limited to recovering assets for affected users and guiding everyone off the platform safely. Key facts and timeline - Breach: SecondFi traced the exploit to its native Cardano web wallet generation software. The project paused affected services while engaging security firms for a full review. - Losses: Public estimates put the known stolen amount at about 16 million ADA across 374 addresses; outside observers warned the final toll could be higher if more attacker-controlled addresses are identified. - Change of plan: Earlier recovery expectations included a two-week recovery plan, but EMURGO now says SecondFi “will not resume normal operations” even after outside audits conclude. The platform’s role is limited to asset recovery and user migration. What EMURGO is doing now - Independent reviews: Multiple independent firms have been hired to audit the event and underlying code; those reviews are ongoing. EMURGO warned against publishing preliminary findings that could be inaccurate or hamper investigations. - Patch submitted: A patch has been submitted to close the identified vulnerability while the broader review continues. - Priorities: EMURGO lists three short-term priorities — safeguarding assets, establishing a recovery fund, and providing wallet status checks plus safe migration routes for users. - User tools and support: The team plans to launch a quarantined site this week for users to check wallet status and follow migration steps (submitted for app store approval). A secure wallet export feature to facilitate migration to hardware wallets or other platforms is scheduled soon after, and an in-person migration workshop will be held in Tokyo. - On-chain recovery: EMURGO is working with Cardano ecosystem partners on an auditable, persistent on-chain recovery system; an external audit of that system will be required before any funds are returned. The company emphasized that speed matters but safety is the top priority because threat actors know about the flaw. User guidance and risks - Migrate off SecondFi: EMURGO asked all users to migrate away from SecondFi using only official migration tools and channels. Even users whose wallets appear unaffected are advised to move because asset recovery now takes precedence over normal product operations. - Beware of scams: The breach triggered phishing and fake “recovery” account attempts; EMURGO warned users to follow only official SecondFi channels and avoid unsolicited links or support offers. Context in the industry - The cautious approach mirrors other post-incident responses in crypto, where teams have prioritized third-party reviews before restoring services (for example, Taiko’s staged restart after a bridge attack). What’s next EMURGO says it will publish a fuller account of “who, what, and why” after incident reports and code reviews are complete. Until then, SecondFi’s activity is restricted to supporting asset recovery and user migration away from the platform. Read more AI-generated news on: undefined/news