6
A number of Cardano wallets have been drained of roughly 16 million ADA (worth $2.4 million) after self-described “neofinance” platform SecondFi was hit by an exploit that targeted its wallet generation software.
SecondFi first alerted its followers to the incident this morning on X, claiming that it had detected a security issue that impacted a small number of Cardano wallets on its platform.
It said that it had contained the issue and that, as a precaution, its services would be temporarily placed into maintenance mode and that it would pause all front-end interactions.
Since then, SecondFi has shared an update that claims to have diagnosed the root cause of the exploit as an issue involving its native Cardano web wallet generation software.
It appears that some users may not be made whole after the incident, as SecondFi notes that it’s “taken extraordinary steps to protect remaining assets where possible.”
🚨 SECURITY UPDATE: Root Cause & Blast Radius Confirmed
— SecondFi (@secondfiapp) June 23, 2026
We have isolated the root cause of the recent security incident. The issue was confined to our native Cardano web wallet generation software.
Our team has completed an onchain analysis to determine the scope of impact, and…
The self-custody firm said, “Our team has completed an on-chain analysis to determine the scope of impact, and we are now finalizing an independent technical review with a leading blockchain security firm to validate our findings.”
Software developer Blink Labs has warned that the exploit means “the wallets generated are all unsafe,” and advised users to “switch to another wallet immediately.”
thedefiant.io
cryptopotato.com
bitcoinmagazine.com
cryptopolitan.com