SecondFi Targets Two Week Recovery After ADA Exploit

Recovery on Track After $2.4 Million Drain

Cardano wallet platform SecondFi says it remains on schedule to return user assets within two weeks following a $2.4 million exploit that targeted its wallet generation software. Engineers are currently testing multiple recovery approaches in parallel to identify the safest path forward for affected users.

The exploit drained roughly 16 million $ADA, about $2.4 million, from 374 addresses between June 21 and 23 through a flaw in SecondFi's own wallet generation software. The vulnerability was traced to a deterministic nonce derivation error in the platform's software signer, which allowed attackers to reconstruct private keys from publicly available on-chain data.

EMURGO CEO Phillip Pon said the company had completed a forensic review, checked wallet balances and found a "clear recovery solution." The company expects one week to build the recovery system and another week to test it before returns begin. A tool that will let users check whether their wallet was affected is expected early next week.

SecondFi moved about 129 million ADA to an independent third-party custodian as an emergency measure to keep more assets away from attackers, and an external accounting firm has been engaged to verify those holdings. Blockchain security firm SlowMist has estimated that total losses could exceed $20 million when accounting for the full range of compromised wallets and tokens, a figure that remains unconfirmed pending an independent audit.

Scam Warning and Key Guidance for Users

SecondFi warned that no recovery step requiring user action has started. Users are told to leave wallets untouched until official instructions arrive. The company said it will never ask for private keys, seed phrases, wallet credentials, or asset transfers.

Fake accounts and impersonators have been actively targeting affected users in the wake of the exploit. Users should rely only on official channels and treat any unsolicited outreach asking for wallet credentials as fraudulent.

Compromised wallets carry risk at the address and private key level, so simply moving a seed phrase to a different wallet app will not fix the underlying problem. Users are advised not to attempt independent fund transfers or wallet migrations until SecondFi issues its official recovery steps.

SecondFi, formerly known as Yoroi, is developed by EMURGO, one of Cardano's three founding organizations. EMURGO has committed to full reimbursement for all affected users.

Sources:
The Block: SecondFi maps recovery path after $2.4 million Cardano wallet exploit
Crypto.news: SecondFi keeps two-week recovery plan after $2.4M Cardano wallet exploit
CoinDesk: SecondFi loses $2.4 million in Cardano wallet exploit, up to $20 million at risk