- SlowMist estimates Cardano wallet losses may exceed $20M pending address verification.
- SecondFi traced the incident to its wallet generation software and estimated losses at 16M ADA.
- Users were urged to move funds to new wallets as SecondFi review remains ongoing.
Cardano ecosystem project SecondFi has released an update on its recent security incident, stating that the root cause has been traced to its wallet generation software and estimating losses at approximately 16 million ADA. However, SlowMist founder Cos (Yu Xian) said analysis of wallet activity suggests actual user losses could theoretically exceed $20 million.
Security Research Points to Larger Exposure
According to Cos, analysis of hacker-linked addresses and fund flows indicates that actual user losses could theoretically exceed $20 million, involving more than 129 million ADA and other tokens. The estimate is significantly higher than SecondFi’s preliminary assessment and remains unconfirmed pending further investigation.
SecondFi disclosed that approximately 16 million ADA was transferred out during three attacker-initiated fund transfer events affecting 374 addresses. The project said it has completed on-chain analysis and is working with a blockchain security firm on an independent technical review to verify its findings.
SecondFi also stated that it conducted an emergency transfer of approximately 129 million ADA to an independent third-party custodial institution during the incident to safeguard user assets and reduce the risk of further losses. Investigators are continuing to assess the full scope of affected wallets and assets.
Users Await Final Findings From Review
According to SecondFi, the impact of the incident was limited to its native Cardano web wallet generation software and did not extend beyond that component. The team said it has deployed patches for unaffected wallets and expects normal operations to resume shortly.
The project has not yet released a final technical report or announced a compensation framework. As a result, affected users remain focused on the outcome of the ongoing review, which is expected to confirm the extent of affected assets and validate the project’s findings.
Security Teams Urge Immediate Action
While the investigation continues, users have been advised to move assets into newly created wallets. Security teams involved in the review said transferring funds remains one of the most effective measures available to reduce the risk of additional losses.
Users have also been encouraged to monitor wallet activity, follow official updates regarding the investigation, and verify the source of wallet generation tools they have used. The recommendations come as researchers continue examining the incident and validating its overall impact.
Related: Cardano Eyes Surprise Rebound as Dormant ADA Wallet Activity Spikes
Disclaimer: The information presented in this article is for informational and educational purposes only. The article does not constitute financial advice or advice of any kind. Coin Edition is not responsible for any losses incurred as a result of the utilization of content, products, or services mentioned. Readers are advised to exercise caution before taking any action related to the company.
