TLDR
- Cardano faced a temporary network split from a bug-triggered transaction on November 21, 2025.
- Charles Hoskinson said engineers traced and stopped the attack within one day.
- The FBI has started a criminal investigation into the poisoned transaction.
- No user funds were lost, and most retail wallets were not affected by the incident.
Cardano founder Charles Hoskinson praised the quick recovery of the blockchain after a malicious transaction caused a temporary network split. The event, which happened on November 21, 2025, was traced to a bug in a software library. Engineers quickly contained the disruption, and the attacker later issued a public apology.
Fast Response to Network Disruption
The attack led to a temporary fork in the Cardano mainnet. It occurred when a specially crafted transaction bypassed the normal validation process. This caused nodes on the network to diverge and form two separate chains.
According to a report by Intersect, the issue was connected to a software bug that was exploited in the transaction. Input Output, the Cardano Foundation, and Intersect worked together to fix the issue. A war room was created where developers collaborated and deployed a patch within hours.
Charles Hoskinson praised the engineering teams. He stated that the attacker had been preparing the exploit for months. However, the network was able to respond fast, and the issue was stopped within a day. He said, “This shows how strong our system is, even in unexpected conditions.”
Validator Rewards Affected, No Loss of User Funds
While the attack disrupted network operations, there was no loss of user funds. Retail wallets were mostly unaffected since they relied on node components not impacted by the bug. However, some validators were affected and did not receive block rewards during the incident.
Hoskinson confirmed that restoring validator rewards will take weeks. He also mentioned that the attacker had specifically targeted his personal stake pool, which caused problems across the network. Authorities are now involved in investigating the case.
Intersect confirmed that the attack has been classified as a cyber crime, and the FBI has begun a criminal investigation.
Attacker Identified and Issues Public Apology
Intersect tracked the wallet linked to the invalid transaction. Following that, the wallet owner issued an apology on X (formerly Twitter). In the post, he said he acted alone and was not trying to profit from the exploit.
He claimed that he did not short ADA or collaborate with any other group. He described the incident as a mistake and accepted full responsibility. Hoskinson commented that the issue came down to carelessness and noted that consequences will follow.
Despite the network issue, Hoskinson said the incident helped prove the resilience of Cardano’s design.
Midnight Token Launch Still on Track
The incident came as the Cardano ecosystem prepares for the launch of Midnight’s native token, NIGHT. Hoskinson confirmed during his keynote at The Midnight Summit that NIGHT will go live on December 8, 2025.
The launch is expected to continue as planned, and Cardano engineers remain focused on reinforcing the network’s performance. The developers also plan to improve node software to prevent such attacks in the future.
Hoskinson remains optimistic about the roadmap and said that long-term security improvements are underway.
Get 3 Free Stock Ebooks
Discover top-performing stocks in AI, Crypto, and Technology with expert analysis.
- Top 10 AI Stocks - Leading AI companies
- Top 10 Crypto Stocks - Blockchain leaders
- Top 10 Tech Stocks - Tech giants
