The Cardano project SecondFi faces a warning of a loss of $ 20m after the error
SecondFi, a wallet project for the Cardano ecosystem, said it followed a recent security incident in its Cardano web wallet generation software.
Summary
- SecondFi tracked down a breach of its Cardano wallet generation software after temporarily suspending the platform’s operations on Tuesday.
- SlowMist founder Cos said the alleged hacked wallets suggested the potential losses could exceed $20 million in total.
- The incident added pressure on Cardano as ADA traded near multi-year lows again this month.
The team said it contained the issue and stopped the affected services while it reviewed the entire area.
“We have isolated the root cause of the latest security incident,” security reviewer SecondFi said. “The issue centered around our native Cardano wallet application.”
SecondFi said its on-chain review puts the initial scale at about 16 million ADA. The team also said it is working with a blockchain security firm on an independent review of the technology.
The founder of SlowMist sees a huge risk of loss of Cardano
SlowMist founder Cos, also known as Yu Xian, said the damage could be much greater than SecondFi’s previous estimate. He said the rating depends on whether the two Cardano addresses he tracked are verified as attackers’ wallets.
“Users of this fund may have lost more than $20 million,” said SlowMist founder Cos in an X post. He said the possible loss could involve more than 129 million ADA and other tokens.
Cos later said that the pattern of transactions suggested that the attacker may have obtained a set of mnemonic phrases or secret keys before moving the money over several hours. He said the transfer of money seems to be from big money to small money.
Users are waiting for the final update
SecondFi has yet to release a final technical report or detailed compensation plan. The project said it will continue to share updates as independent reviews confirm scope and cause.
The case has attracted attention because the issue involves the creation of a wallet, not just a smart deal or previous error. If key generation fails, wallets created with the affected software may face direct risk.
SecondFi follows Yoroi and is launched by EMURGO as a self-defense application for spending, trading, earning and saving. Cardano’s official app catalog lists SecondFi as an escrow platform developed by EMURGO.
As previously reported by crypto.news, Cardano has already faced market and ecosystem pressure this month. ADA dropped below $0.20 in June, while several Cardano projects and management battles attracted widespread attention. At press time, ADA was trading at about $0.15, down about 3% in the last 24 hours.
Security concerns spread beyond Cardano
The SecondFi case adds to the broader crypto wallet functionality and platform security issues. In a recent update, crypto.news covered Trezor Safe 7 after Ledger Donjon discovered a chip flaw, although Trezor says users’ funds remain safe.
Previously, crypto.news examined the case of Bo Shen that reopened the wallet of 42 million dollars. SlowMist linked that crime to the mnemonic seed talk at risk, showing how exposure to the seeds can leave lasting problems for recovery.
SecondFi users now need to follow only official project channels and avoid support scams. Breach incidents often open fraudulent recovery accounts that ask for seed phrases, private keys or transfers.
The final amount of the loss remains unconfirmed. Currently, SecondFi’s public estimate stands at around 16 million ADA, while SlowMist’s Cos says the suspected hacking activity could push the potential loss of users to more than 20 million dollars.
