TLDR
- SecondFi paused services after a wallet key generation flaw exposed private keys for some users.
- SlowMist estimated total losses could exceed $20 million across exposed Cardano wallets and assets.
- SecondFi confirmed about 178 wallets were affected during its first review of the breach.
- Users were urged to move funds into new wallets created through separate wallet providers.
- Scammers are targeting affected users with fake support channels and false recovery tools.
The SecondFi exploit has raised concern across Cardano after a wallet key generation flaw exposed user funds. SecondFi, formerly known as Yoroi, disclosed the issue on June 23 and paused all services.
The flaw was found in the platform’s web wallet generation software, according to the details shared. Users were urged to move assets into new wallets created through other wallet providers.
SecondFi confirmed that about 178 wallets were affected during its first review of the breach. The platform reported around 16 million ADA in confirmed losses, valued at about $2.4 million.
Blockchain security firm SlowMist estimated that total losses could exceed $20 million. Its review said exposed wallets may include up to 129 million ADA.
Wallet Key Flaw Exposes Cardano Users
The SecondFi exploit centered on wallet key generation, which is a core part of self-custody security. The flaw allowed unauthorized access to private keys tied to certain user wallets. Private keys control access to funds, so exposure can lead to direct asset theft.
SecondFi said wallets created through the affected software may remain at risk. The warning covered users who had used the web wallet before the service pause. As a result, the platform advised immediate fund migration to newly created wallets.
The early confirmed losses included ADA, along with other tokens and NFTs. However, the wider total remains unclear because some exposed wallets may not be drained yet. SlowMist’s estimate placed the possible loss range far above SecondFi’s confirmed figure.
SecondFi Freezes Services After Breach
SecondFi moved into maintenance mode after the security issue became public. The platform also froze user balances as part of its response. This step followed its warning that exposed wallets could still face theft.
No compensation timeline has been announced for affected users. SecondFi has also not released full audit results on the wallet flaw. Users are still waiting for clearer details on recovery plans and next steps.
The wallet was rebranded from Yoroi in April 2026, according to the shared report. Yoroi had been widely used by ADA holders seeking a light Cardano wallet. The service was linked to Emurgo, one of Cardano’s founding organizations.
Scams Target Affected Wallet Users
Security researchers also warned about scams aimed at affected Cardano users. Fake support accounts are reportedly offering false recovery tools to worried wallet holders. These scams can steal seed phrases, passwords, or other sensitive wallet details.
Users were advised to avoid links shared through unofficial support channels. They were also told not to enter recovery phrases into unknown websites or tools. Only a new wallet with fresh keys can separate funds from exposed access.
The SecondFi exploit has placed wallet security back in focus across the Cardano ecosystem. Investors are now watching how SecondFi and related organizations respond to affected users. Further updates may clarify the final loss total and the scope of exposed wallets.
Get 3 Free Stock Ebooks
Discover top-performing stocks in AI, Crypto, and Technology with expert analysis.
- Top 10 AI Stocks - Leading AI companies
- Top 10 Crypto Stocks - Blockchain leaders
- Top 10 Tech Stocks - Tech giants
