SecondFi won’t reopen after Cardano wallet breach

Bybit
Bybit



EMURGO said SecondFi will not return to normal operations after its recent Cardano wallet security incident.

Summary

  • SecondFi will not resume normal operations after the Cardano wallet incident, even after audits finish.
  • EMURGO is preparing checker tools, migration routes and a recovery fund for affected users.
  • Earlier crypto.news reports said the exploit drained 16 million ADA from 374 affected wallet addresses.

The company said its future work on SecondFi will focus only on asset recovery for users who were affected.

Binance

The update marks a change from earlier recovery expectations. SecondFi kept a two-week recovery plan after a Cardano wallet exploit drained about 16 million ADA from 374 addresses.

EMURGO said “SecondFi will not resume normal operations” even after outside audits finish. The company asked all users to migrate away from SecondFi through official methods, including safer wallet routes.

The company said unaffected users remain safe based on current information. Still, it said users should leave the platform because the recovery process now takes priority over product operation.

Audits and patch work continue

EMURGO said it has hired multiple independent firms to review the event and the underlying code. It said those reviews remain active and warned against publishing early findings before investigators complete their work.

The company said releasing early results could create inaccurate information. It added that a patch has been submitted to close the identified vulnerability while teams continue to review the full event.

As crypto.news earlier reported, SecondFi traced the breach to its native Cardano web wallet generation software. The project paused affected services while it worked with security firms on a wider review.

SlowMist founder Cos had warned that possible user losses could be higher if some tracked addresses were confirmed as attacker wallets. SecondFi’s own public estimate placed the known affected amount near 16 million ADA.

Users to receive checker and migration tools

EMURGO said its team is working on three short-term priorities. These include asset safeguarding, a recovery fund, wallet status checks, and safe migration routes for users who need to move away from SecondFi.

The company said it plans to launch a quarantined site this week. The site will help users check wallet status and take migration steps. EMURGO said it submitted the tool for app store approval and will release it after approval.

The team also plans to launch secure wallet export functionality soon after. That feature will help users migrate to a hardware wallet or another platform. EMURGO also said an in-person migration workshop will take place in Tokyo.

The company warned users to follow official SecondFi channels only. SecondFi users faced fake recovery account risks after the exploit, with scammers targeting users through false support links.

Recovery system still needs audit

EMURGO said it is working with Cardano ecosystem participants on an on-chain recovery system. The company said the system must be auditable and persistent before it can support the safe return of affected assets.

The company also said an external audit of the recovery system is required before it can return funds. It said speed matters, but safety remains the main priority because threat actors know about the vulnerability.

Moreover, the recovery process places SecondFi among several crypto projects that moved slowly after security incidents to protect users. As crypto.news recently reported, Taiko used a staged restart plan after a bridge attack, with outside experts reviewing fixes before wider access returned.

EMURGO said it will publish a fuller account of “who, what, and why” after incident reports and code reviews are complete. Until then, SecondFi’s role is limited to asset recovery and helping users migrate away from the platform.



Source link

Changelly

Be the first to comment

Leave a Reply

Your email address will not be published.


*