24.06.2026
07:55

SecondFi Hack: The Real Damage to the Cardano Ecosystem May Be Several Times Greater Than Stated

The Cardano ecosystem has suffered a serious reputational blow. The SecondFi project, formerly known as the popular Yoroi wallet, has confirmed the exploitation of a critical vulnerability in its proprietary wallet generation software. According to preliminary data from the team, the direct damage amounts to approximately 16 million ADA (roughly $2.4 million). However, my analysis of on-chain data and assessments from independent experts indicate that actual user losses could exceed $20 million.

During the investigation, it was discovered that the flaw lay in the proprietary code responsible for generating private keys. Due to a defect in the pseudo-random number generator, all wallets created through this software were compromised. The attacker was able to predict and recover keys, leading to the draining of funds. So far, around 178 wallets are confirmed to be at risk, but this number may not be final.
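The report does not say what the generator defect actually was. As an added illustration of the bug class (not SecondFi's code), the Python sketch below assumes a hypothetical generator seeded from the clock, puts it beside a form that uses the operating system's CSPRNG, and runs the kind of reproducibility check an audit of key generation code would include. All function names are made up for this example.

```python
import math
import random
import secrets

KEY_BYTES = 32  # a 256-bit private key seed


def weak_keygen(clock_ms: int) -> bytes:
    """Constructed flaw (assumption): non-cryptographic PRNG seeded from the clock."""
    rng = random.Random(clock_ms)  # Mersenne Twister: output is fully determined by the seed
    return rng.getrandbits(KEY_BYTES * 8).to_bytes(KEY_BYTES, "big")


def strong_keygen(clock_ms: int = 0) -> bytes:
    """Hardened form: OS CSPRNG; the clock argument is deliberately ignored."""
    return secrets.token_bytes(KEY_BYTES)


def is_reproducible(keygen, clock_ms: int, runs: int = 5) -> bool:
    """Audit check: identical observable inputs must never yield a repeated key."""
    return len({keygen(clock_ms) for _ in range(runs)}) < runs


def effective_bits(seed_space: int) -> float:
    """Upper bound on key entropy when the seed is the only unknown."""
    return math.log2(seed_space)


def audit(keygen, clock_ms: int = 1_750_000_000_000) -> str:
    """Return a one-line verdict for a generator under a fixed (constructed) clock value."""
    if is_reproducible(keygen, clock_ms):
        return "FAIL: key is a function of the clock"
    return "PASS"


if __name__ == "__main__":
    year_ms = 365 * 24 * 3600 * 1000
    print("weak  :", audit(weak_keygen))
    print("strong:", audit(strong_keygen))
    # A key that looks 256 bits long carries no more entropy than its seed.
    print(f"clock-seeded key, one-year window: <= {effective_bits(year_ms):.1f} bits")
```

The entropy bound is the point an auditor looks for: whatever the key length, its strength is capped by the number of possible generator states.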

Discrepancy in estimates: why $2.4 million is just the beginning

Yu Xian, founder of the security company SlowMist, conducted an independent analysis of fund movements. His data indicates that the scale of the disaster is significantly more severe. According to his assessment, two tracked attacker addresses may be linked to losses of up to 129 million ADA and other tokens. This is eight times higher than the project's own estimate.

Such a colossal discrepancy is easily explained: some of the compromised wallets had not yet been drained at the time of SecondFi's initial report. This means the attacker, having access to the keys, can strike at any moment. Users who have not yet withdrawn their funds are sitting on a "time bomb."

Reputational blow to Cardano

It is important to understand the context. SecondFi is a rebranding of the Yoroi wallet, developed by EMURGO, one of the three co-founders of Cardano. Yoroi was used by over a million ADA holders. This is not some anonymous DeFi project, but a flagship product of the ecosystem. Therefore, the reputational consequences here are far more serious than in the case of a hack on a little-known protocol.

The SecondFi team has already suspended service, taken a snapshot of balances, and urged all users who created a wallet through their software to immediately transfer assets to other services. The investigation is ongoing, and the exact amount of damage will be disclosed after the completion of a technical audit by a third-party company.

Analyst's comment: This incident is a harsh reminder that even "light" wallets from trusted developers carry risks. Relying solely on brand reputation is a mistake. Every user must demand public audits of key generation code. Until the Cardano ecosystem develops strict security standards for its "anchor" projects, such incidents will continue to undermine trust in the entire network.