SecondFi Exploit Sparks $20M Loss Fears Across ADA

Key Takeaways:

• Certain Cardano wallets have been compromised in a wallet-level incident, said SecondFi.
• The staff of the team advised users to not enter recovery phrases into other Cardano wallets as there is still a risk at the address level.
• Security researchers believe the losses could reach over $20 million, making it one of the biggest wallet-related incidents on Cardano in history.

User Score

8.7

    Follow us on Google NewsWhile upgrading wallet apps is necessary, users might still have concerns about compromised wallets following them, as this is a growing security problem within the Cardano ecosystem.

It occurs when certain wallet addresses make transactions that are then signed, the project said, adding that it recommends users not restore recovery phrases on other sites until future instructions from the company.

Table of Contents

• SecondFi Confirms Address-Level Security Risk
• Millions in ADA and Tokens Reportedly Drained
  • Users Told to Wait for Official Instructions
  • Cardano Security Concerns Return to the Spotlight

SecondFi Confirms Address-Level Security Risk

SecondFi said its investigation identified the exploit as an address-level issue rather than a simple wallet application problem.

The team also said that there is no guarantee you can’t put it into another Cardano wallet once it is imported. The company has repeatedly warned users not to restore their seed phrase into other wallets if they were affected.

Instead, users were advised to be passive and raise support tickets directly from the project’s official support page.

The team also stated that it would not reach out to users initially or ask for recovery phrases, emphasizing rising users’ concerns over phishing.

Read More: Cardano Powers Brazil’s Olympic Future with Blockchain, AI, and IoT

## Millions in ADA and Tokens Reportedly Drained

Blockchain investigators and community members have linked the exploit to the loss of millions of dollars worth of ADA and other Cardano-based assets.

Early estimates pointed to losses of roughly 16 million ADA, while some security researchers suggested the total exposure could exceed $20 million if additional affected wallets are included. The number of affected addresses is currently being reviewed.

Some analysts said that the incident seems to be linked to the wallet generation or signing infrastructure rather than the Cardano blockchain. So far no vulnerability in Cardano’s base protocol has been spotted.

Read More: Cardano Discord Migration Plan After X Drama for Governance

Users Told to Wait for Official Instructions

Conflicting advice spread across social media after the incident became public, with some community members recommending immediate wallet migration.

SecondFi rejected those suggestions and stated that moving recovery phrases to another Cardano wallet could expose users to additional risk if the affected addresses remain compromised.

The company said it has already isolated impacted wallets and is preparing official mitigation procedures.

Cardano Security Concerns Return to the Spotlight

The exploit comes amid its advancement phase in the Cardano ecosystem, though it also revealed greater threats to the security of its wallet infrastructure.

In 2026, a number of significant crypto incidents have stemmed at application layers, with wallet software and private key management systems being the root cause of a majority of them.