Skip to content
Active Currencies: 17,404
Market Cap: $2.237T
Bitcoin Dominance: 56.26%
24h Market Cap Change: $0.72

SecondFI’s $2M exploit: A wallet flaw leaves Cardano users exposed

SecondFi's exploit exposed flaws in wallet generation, triggering losses, and growing trust concerns across Cardano.

Written by Written by Muriuki Lazaro
Reviewed by Reviewed by Saman Waris
Updated June 24, 2026
SecondFI's $2M exploit: A wallet flaw leaves Cardano users exposed

SecondFi uncovered a major wallet generation vulnerability on the 23rd of June. Notably, a flaw in SecondFi’s wallet-generation process compromised the private keys used to create Cardano [ADA] wallets, resulting in an entry point for the exploit.

This created a risk to users of wallets generated through this method, as potential attackers could potentially gain unauthorized access to those user accounts.

Investigators were able to track the flow of money from the compromised accounts. Using on-chain data investigations revealed several addresses associated with the hack.

Source: X

The exploit led to losses amounting to roughly 16 million ADA worth approximately $2.4 million. However, further investigations indicated that SecondFi may have lost up to 129 million ADA due to exposure of other tokens and NFTs in addition to ADA.

Following these events, SecondFi has temporarily suspended service and placed itself into maintenance.

SecondFi is now demonstrating how vulnerabilities in the system used to generate wallets can compromise users’ ability to maintain their own private keys, putting users’ entire ecosystem at risk.

Security risks extend beyond the theft

The latest information from Secondfi indicates there is more at stake in this data breach than just the theft of money. It appears they also compromised the structure of the wallet.

Earlier investigations identified approximately 178 wallets affected by the exploit. However, SecondFi later found that the threat activates whenever affected users sign transactions with compromised addresses.

This discovery is significant because it fundamentally changes the threat model and the way security teams assess the vulnerability.

While Second Fi has successfully isolated and taken a full balance snapshot of the affected wallets during their containment efforts, the community’s perception of Second Fi has quickly begun to deteriorate.

One user openly challenged the team’s guidance, stating,

Millions were lost. People’s life savings vanished.

The criticism intensified further with claims that “nobody trusts anything being posted” and that disabling comments “says more than any statement ever could.” Those reactions suggest the crisis now extends beyond security losses and into a broader confidence problem for the platform.

Final Summary

  • SecondFi’s wallet-generation flaw exposed Cardano users to unauthorized access, highlighting risks within wallet infrastructure security.
  • Recovery efforts may help contain losses, but rebuilding trust across the ecosystem remains a larger challenge.
Disclaimer: AMBCrypto's content is meant to be informational in nature and should not be interpreted as investment advice. Trading, buying or selling cryptocurrencies should be considered a high-risk investment and every reader is advised to do their own research before making any decisions.

Muriuki Lazaro

Journalist

Muriuki Lazaro is a on-chain data analyst with a B.Sc. in Data Science. Muriuki specializes in dissecting complex on-chain data into clear and accurate insights for readers in the crypto ecosystem, with a particular focus on Bitcoin.

Related Articles

AMBCrypto
Facebook X Instagram Youtube Linkedin

AMBCrypto was founded in 2018 with a mission to simplify and bring the latest blockchain and cryptocurrency news to our readers. We have quickly grown into the digital news source for an emerging generation of cryptocurrency enthusiasts, reaching more than a million readers on a monthly basis, across the globe.