EMURGO Says Hacked Cardano Wallet SecondFi Will Not Reopen

AI Market Summary
EMURGO said SecondFi, a major Cardano wallet provider, will not resume operations after a hack that drained ~16M ADA from 374 addresses, and warned compromised keys should be treated as permanently exposed. While audits, patching, and migration tools are underway, the shutdown and recovery process elevate operational and custody risk perceptions around Cardano's wallet infrastructure, potentially weighing on near-term sentiment and on-chain activity.
Impact level
● Medium
Affected assets
ADA/USDT-1.76%
AI Insight · ADA/USDTAI Insight
▼ Bearish
Trade now
⚠️ AI-generated insights are based on news content and are provided for informational purposes only. They do not constitute investment advice or represent the views of BingX. Investing involves risk. Please trade responsibly.
EMURGO, the Cardano founding organization behind SecondFi, said Monday that the wallet service will not return to normal operations following a recent hack, even after ongoing security audits are completed. The company urged all users to move off the platform using its official recovery process. "While we believe unaffected users remain safe, SecondFi will not resume normal operations, even after the audits are complete," EMURGO said in a statement posted to its official X account. From here, EMURGO said its involvement will be limited to "a dedicated asset recovery team" focused solely on returning funds to impacted users. SecondFi, a rebrand of the Yoroi wallet that EMURGO has described as "Cardano's largest wallet provider," suffered four separate wallet-draining incidents discovered on June 22. EMURGO's June 25 incident report said 374 addresses were compromised and about 16 million ADA was affected, valued at roughly $2.4 million at the time. The team also said it secured around 129 million ADA through emergency containment measures. EMURGO warned that compromised wallets should be treated as permanently exposed at both the address and private-key level, meaning importing an affected seed phrase into another wallet does not eliminate the risk. EMURGO said it has hired multiple independent firms to review the incident and the codebase, and has submitted a patch to close the identified vulnerability. Investigations are ongoing. The company plans to roll out a quarantined wallet status checker this week, subject to app store approval. It will then release a secure export tool to help users migrate funds to a hardware wallet or another platform, and host an in-person migration workshop in Tokyo. EMURGO said it is building a dedicated restoration fund into an on-chain recovery system, which still requires an external audit before affected users can be reimbursed. The company added that it will publish a full account of who was responsible and why once incident reports and code reviews are finalized.