Crypto Times Logo Black
Google News Follow Banner
  • News
    • Market
    • Bitcoin
    • Ethereum
    • Altcoins
    • Regulations & Policies
    • DeFi News
    • Blockchain News
    • Industry
  • Exclusive
    ExclusiveShow More
    Anthropic’s Claude Fable 5 Crypto Hacks
    Anthropic’s Claude Fable 5: The AI That Could Supercharge Crypto Hacks and Defenses
    CLARITY Act Stalls Why Senate's August Recess Puts US Crypto Rules at Risk
    CLARITY Act Stalls: Why Senate’s August Recess Puts US Crypto Rules at Risk
    Three Stories, One Pattern Why Binance Is Having Its Worst Week Since the Pardon
    Three Stories, One Pattern: Why Binance Is Having Its Worst Week Since the Pardon
    Coinbase India Head Addresses Re-Entry Launch Glitches and the 12-Month Roadmap
    Coinbase India Head Addresses Re-Entry Launch Glitches and the 12-Month Roadmap
    Inside the Trump Family’s $1.2B Crypto Windfall Who Paid the Price
    Inside the Trump Family’s $1.2B Crypto Windfall: Who Paid the Price?
  • Opinion
    OpinionShow More
    The Bitcoin Treasury Blueprint What Stress Testing on Strategy Inc.’s MSTR-STRC Reveals
    The Bitcoin Treasury Blueprint: What Stress Testing on Strategy Inc.’s MSTR-STRC Reveals
    Why Wall Street is Divided Michael Saylor’s Scarcity vs. Tom Lee’s Staking Empire
    Why Wall Street is Divided: Michael Saylor’s Scarcity vs. Tom Lee’s Staking Empire
    The Arthur Hayes Paradox Macro Prophet or Market Opportunist
    The Arthur Hayes Paradox: Macro Prophet or Market Opportunist?
    RBI Denies Gold Sale Amid Oil Crisis: Could It Speed Up India's Digital Rupee Push?
    RBI Denies Gold Sale Amid Oil Crisis: Could It Speed Up India’s Digital Rupee Push?
    The CLARITY Act War Starts Jamie Dimon Vs Armstrong
    The CLARITY Act War Starts: Jamie Dimon Vs Armstrong
  • Learn
    • Explained
    • How To
    • Insights
  • Videos
  • More
    • About Us
    • Our Authors
    • Contact Us
    • Editorial Policy
The Crypto TimesThe Crypto Times
  • All News
  • Market
  • Bitcoin
  • Ethereum
  • Altcoins
  • Regulations & Policies
  • Blockchain
  • DeFi
  • Industry
  • Exclusive
  • Opinion
Search
  • News
    • Market
    • Bitcoin
    • Ethereum
    • Altcoins
    • Regulations & Policies
    • Blockchain
    • DeFi
    • Industry
    • Exclusive
    • Opinion
  • Learn
    • Explained
    • How To
    • Insights
  • Quick Links
    • About Us
    • Our Authors
    • Contact Us
    • Editorial Policy
    • AI Policy
    • Sponsored & Advertorial Policy
  • Videos
  • Glossary
Follow US
© 2026 By Crypto Times. All Rights Reserved.
DeFi News

EMURGO Winds Down SecondFi for Good as Cardano Hack Recovery Drags On

EMURGO says SecondFi will not resume normal operations even after audits are complete and its role is now limited to a recovery team, with no firm date for returning stolen ADA.

Written By Dhara Chavda Dhara Chavda
Published 1 hour ago
Make The Crypto Times preferred on GoogleGoogle
Share
EMURGO Winds Down SecondFi for Good as Cardano Hack Recovery Drags On
Show AI Summary
Cardano ecosystem faces significant setback as SecondFi wallet platform winds down due to private-key exploit
EMURGO’s decision to retire SecondFi rather than rehabilitate it underscores the incident’s industry significance and impact on user trust
Incident highlights broader concerns around governance and process failures in crypto, with affected users facing an indefinite wait for recovery

EMURGO has confirmed that SecondFi, the Cardano wallet platform hit by a private-key exploit in June, will not resume normal operations even after ongoing audits conclude, effectively winding down one of the ecosystem’s flagship self-custody tools while affected users continue to wait for their funds.

A flagship wallet, shut for good

In a July 6 update titled “The Path Forward,” signed by EMURGO chief executive Phillip Pon, the company told the Cardano community that SecondFi’s future is now limited to recovery. “SecondFi will not resume normal operations—even after the audits are complete,” the statement read, adding that going forward, EMURGO’s involvement is confined to “a dedicated asset recovery team, tasked solely with returning assets to affected users.” It urged all users to migrate away from the platform entirely, to a hardware wallet or an alternative provider, using officially prescribed methods.

That is a striking outcome for a product with deep roots in Cardano. SecondFi is the rebranded successor to Yoroi, the light wallet EMURGO launched in 2018 that served over a million users across nearly eight years as one of the network’s primary self-custody options before its April 2026 relaunch as a broader “neofinance” platform. EMURGO is one of Cardano’s three founding entities, which is precisely why the decision to retire the wallet rather than rehabilitate it carries weight.

To ease the exit, EMURGO said it will launch a “quarantined” site to help users check whether their wallet was affected, followed by a secure wallet-export tool and an in-person migration workshop in Tokyo.

The harder news for victims is timing. When EMURGO first mapped a recovery path in late June, it targeted a return of assets within roughly two weeks. The July 6 update contains no such firm date, stating instead that an external audit of a new on-chain recovery system is required before funds can be returned and that “given the number of known threat actors who are aware of the vulnerability, the safe return of assets must remain the overriding priority.” The company also declined to release preliminary findings while multiple independent reviews continue, promising a full account of “who, what, and why” only once they are finalized.

Why the scrutiny won’t fade

EMURGO’s caution has a defensible rationale. Releasing incomplete findings could mislead users, and moving too quickly could expose recovered funds to attackers still probing the flaw. But its silence on specifics has left a vacuum that independent researchers have moved to fill, and their accounts have been far less flattering than a routine bug.

There is broad agreement on the shape of the failure, if not its precise name: the flaw lived in how SecondFi’s software generated wallet keys and signatures, and it left users’ private keys derivable from public, on-chain data—no phishing link or stolen password required. An independent on-chain investigation by blockchain-intelligence firm Bitquery, which reconstructed the drain transaction by transaction, traced the breach to weak randomness in SecondFi’s key-generation code and stressed the Cardano protocol itself processed the transactions exactly as designed.

The exact mechanism is still contested—a forensic report from Tibane Labs characterized it as an Ed25519 signing error, while others have framed it as flawed nonce generation—but the researchers converge on the same conclusion: the keys SecondFi created were never truly secret.

It is the next step in that critique that has proven most damaging. Tibane Labs attributed the failure to an unaudited third-party signing library that it says replaced EMURGO’s previously audited code shortly before the exploit—and independent security researcher Taylor Monahan said SecondFi had effectively “rolled their own crypto,” describing the software as closed-source and unaudited.

Both frame the episode less as an unlucky bug than as a governance and process failure: a Cardano founding entity shipping unaudited code to production without an independent review that might have caught the flaw. That framing carries weight given SecondFi’s Yoroi lineage—users who trusted a wallet endorsed for years were migrated onto the very infrastructure that failed. It is worth noting that Tibane Labs is building a competing wallet, and its team includes former

Mt. Gox chief executive Mark Karpelès, so its analysis comes from an interested party. But EMURGO has neither published a technical postmortem nor publicly addressed the third-party code attribution, and that silence—more than any single researcher’s claim—is why the questions have not quieted. The incident has landed on ADA at a fragile moment, with the token trading near multi-year lows around $0.15.

What affected users should do now

For anyone who used SecondFi, the practical guidance is consistent across EMURGO’s statements. Users are urged to migrate away from the platform using only the official methods EMURGO publishes and, crucially, not to independently restore their recovery phrases into other wallets or move assets against official guidance during the recovery window—EMURGO has warned that doing so could complicate the secure return of funds, since its recovery is being built around wallet states recorded at the time of the incident. Affected users are directed to file claims through SecondFi’s official support channel.

The scam risk is acute and worth underlining. EMURGO has repeatedly cautioned that bad actors are imitating official guidance to target victims, a common follow-on to any high-profile exploit; legitimate recovery will come only through EMURGO’s verified channels and never from a stranger promising instant retrieval for a fee.

As context on the scale, the confirmed theft stands at roughly 16 million ADA (~$2.4 million) drained from 374 wallets across three external attack events between June 21 and 23, with a fourth event being EMURGO’s own emergency move of about 129 million ADA (~$18.5 million) to a third-party custodian to shield it from attackers. Security firm SlowMist has separately estimated the theoretical exposure could exceed $20 million, a figure that remains an upper bound rather than a confirmed loss.

The overall picture is of a founding-tier project managing a serious failure with visible caution but limited transparency, while its users face an indefinite wait and the loss of a wallet many had trusted for years. EMURGO’s promise of a full accounting still stands—but until it arrives, the questions its own community is asking are unlikely to quiet, and the recovery it has staked its reputation on remains, for now, unfinished.

Disclaimer: The information researched and reported by The Crypto Times is for informational purposes only and is not a substitute for professional financial advice. Investing in crypto assets involves significant risk due to market volatility. Always Do Your Own Research (DYOR) and consult with a qualified Financial Advisor before making any investment decisions.

Follow The Crypto Times on Google News to Stay Updated!      Google News
Google News Banner

TAGGED:Cardano (ADA)Crypto Hack
Share This Article
Whatsapp Whatsapp LinkedIn Telegram Copy Link

Latest News

Peter Schiff Strategy Will Lose Far Greater For Selling Bitcoin
Peter Schiff: Strategy Will Lose Far Greater For Selling Bitcoin
Bitcoin Price Going Down Today: Is Strategy Behind the Crash?
Bitcoin Price Going Down Today: Is Strategy Behind the Crash?
MSTR Price Prediction: Will Strategy Stock Crash After Bitcoin Sale?
MSTR Price Prediction: Will Strategy Stock Crash After Bitcoin Sale?
ZachXBT Dumps Unauthorized Meme Coins to Fund $41K Charity Donation
ZachXBT Dumps Unauthorized Meme Coins to Fund $41K Charity Donation
Michael Saylor’s Strategy Liquidates 3,588 BTC Hours After Preaching Bitcoin Supremacy
Michael Saylor’s Strategy Liquidates 3,588 Bitcoin Hours After Preaching Bitcoin Supremacy

Find Us on Socials

You may also like

Summer Finance Hit by Suspected Flash Loan Exploit Worth Nearly $6M

Summer Finance Hit by Suspected Flash Loan Exploit Worth Nearly $6M

Cardano (ADA) Reclaims Top 15 Crypto Ranking After 18% Weekly Gain

Cardano (ADA) Reclaims Top 15 Crypto Ranking After 18% Weekly Gain

Aave DAO Clears stcUSD Listing for MegaETH Lending Market

Aave DAO Clears stcUSD Listing for MegaETH Lending Market 

Gnosis Pay Restores 100% User Funds After $1.8M Crypto Exploit

Gnosis Pay Restores 100% User Funds After $1.8M Crypto Exploit

The Crypto Times Logo PNG

Providing real-time, accurate Crypto reporting. Your trusted source for Crypto News and Research.

Stay Updated

All News
Exclusive
Opinions
Learn
Videos
Glossary

Company

About Us
Our Authors
Editorial Policy
AI Policy
Advertorial Policy

Get In Touch

Contact Us
Career

Find Us on Socials

X-twitter Linkedin Telegram Youtube Instagram

© 2026 The Crypto Times | A BITROCK TECHNOLOGIES L.L.C. Company.

DMCA.com Protection Status
  • Terms and Conditions
  • Disclaimer
  • Privacy Policy
  • Cookie policy
Do Not Sell or Share My Personal Information