How an attacker drained a Cardano wallet's users of more than 129 million ADA
The funds were not taken with a stolen password or a phishing link. They were taken because the keys that secured them were never truly secret — a defect in SecondFi's own wallet-generation code. We reconstructed the theft transaction by transaction.
Update — Jun 24SecondFi's latest statement
On June 24, 2026, SecondFi posted an official update on X. The headline points for affected users:
- Root cause identified — SecondFi says it has patched unaffected wallets and plans to resume normal operations soon.
- External drains — SecondFi counts four draining events and attributes three to external threat actors, putting the loss from those at roughly 16 million ADA across 374 addresses — well below the 3,072 wallets and ~141.9M ADA our on-chain reconstruction traces below.
- ~129M ADA "rescued" — SecondFi says emergency measures secured about 129 million ADA during the active exploit and that those funds continue to be routed to an independent, qualified third-party custodian held for affected wallet addresses.
- Claims process — An external accounting firm will audit the rescued holdings; affected users should submit claims at support.secondfi.io once verification is complete.
- User warning — SecondFi reiterates: do not restore your recovery phrase into another Cardano wallet; it says the security risk is at the address level and materializes when an affected user signs a transaction. It promises further explanation.
On-chain, the 129,430,001 ADA identified in this investigation still sits at the same dormant vault address as of this writing. We have not independently verified SecondFi's custodian routing, rescue mechanics, or its lower external-loss figures — we report them here because victims need the official claims path. The forensic breakdown below is unchanged and remains the on-chain record.
Search the full drain ledger
Transaction-level records for all 3,072 victim wallets — amounts, timestamps, collectors, and wave. Filter or search the sheet for your address.
In the small hours of June 21, a string of long-dormant Cardano wallets, some untouched since the network's earliest days in 2020, began to empty one after another into addresses their owners had never seen. By the time the draining stopped two days later, more than 129 million ADA and thousands of other tokens had been swept out of 3,072 wallets belonging to users of SecondFi, a Cardano wallet app.
The losses, which SecondFi's users say exceed $20 million, bear none of the hallmarks of individual phishing or stolen passwords. The on-chain pattern points the other way: a single operator already held the private keys to thousands of wallets, including some dormant since 2020, and emptied them on command. How those keys came to be exposed is the question at the center of the case.
SecondFi has said the breach traces to a defect in its wallet-generation software — the code that is supposed to pick unpredictable random numbers for each user's private key. This is not a flaw in the Cardano blockchain. The chain processed the attacker's transactions exactly as designed; the failure was in how SecondFi created keys. Investigators believe those numbers followed a recognizable pattern rather than being truly random, so someone who understood the pattern could derive the private keys for many wallets the app had created — the cryptographic equivalent of guessing that 2, 4, 6, 8 will be followed by 10.
It helps to separate two ideas that are easy to conflate. Wallet software is the app — SecondFi, Eternl, Lace, and so on. An ADA wallet is the underlying key pair (private key + public address) that actually holds funds. A seed phrase is just a human-readable way to back up and restore that private key — a list of words standing in for one very large number.
In a public notice — and again in its June 24 update — SecondFi told users not to restore their recovery phrase into another Cardano wallet app:
Please DO NOT RESTORE your recovery phrase into another Cardano wallet, this does not mitigate the security risk. The security risk occurs when an affected user signs a transaction.
— SecondFi, June 24 update on X
That warning targets the compromised seed phrase and address, not new wallets in general. Importing a SecondFi-generated seed phrase into different wallet software does not fix anything — it exposes the same predictable private key through a different app. Whoever can derive that key can drain the address when a transaction is signed, no matter which software displays it.
If you still have funds at a SecondFi-created address, many security experts advise creating a brand-new ADA wallet with a fresh seed phrase in trusted software and transferring any remaining ADA and tokens there — without reusing the old recovery phrase. SecondFi's latest guidance emphasises that the flaw is address-level and that moving a seed phrase to another app does not remove the risk; it also directs affected users to file claims at support.secondfi.io for the ~129M ADA it says was secured. Treat SecondFi's official channels as the primary source for claims and follow-up.
Cos, the founder of the blockchain security firm SlowMist who also goes by Yu Xian, was among the first to flag the attacker's addresses publicly. Reviewing the fund flows, he estimated that real user losses "could theoretically exceed $20 million," involving "more than 129 million ADA and other tokens." A review of Cardano's on-chain records bears out the scale of his estimate almost to the coin.
01 — Two wavesTwo waves, one operator
The first wave began at 8:29 p.m. UTC on June 21, when three collection wallets sprang to life in the same second and started pulling in funds. They drained roughly 12 million ADA directly from about 198 wallets, along with hundreds of different tokens, then fed the haul into Minswap V2, the pool contract of Cardano's largest decentralized exchange, and swapped the stolen tokens into ADA. That fits the complaints from users that even their lending balances were emptied. The wallets recycled the same coins through Minswap so many times that their raw turnover swells past a billion ADA, far beyond the actual theft. When the swapping stops, the proceeds gather in no single wallet. They scatter across Minswap and at least one other exchange contract, where the attacker's coins dissolve into ordinary trading. The first wave leaves no vault to point at.
One of those early victims described the experience plainly. The blockchain confirms it: at 8:31 p.m. UTC on June 21, which was 5:31 the next morning in their own time zone, exactly 38,421.556 ADA left their wallet in a single transaction and landed in one of the attacker's collectors.
The second wave was larger and more direct. Starting before dawn on June 23, a hub wallet pulled in roughly 135 million ADA by sweeping nearly 2,900 wallets one transaction at a time. Among them were whales whose wallets dated to July and August of 2020, holders who had done nothing more provocative than leave their coins where they sat. Within hours, the hub forwarded 129,430,001 ADA in seven transactions into a single vault wallet, opening with a one-ADA test transfer before sending two blocks of 60 million each. That vault has not moved a coin since. The attacker kept the stolen tokens, more than 3,800 of them, including roughly 20 million NIGHT and 263 million SNEK, in the hub and never sold.
Collectors → Minswap → scattered
Hub → one sealed vault
A small but telling thread ties the two waves together. Each draining transaction needed a few ADA of its own to pay network fees, and that gas was supplied, again and again, by a single funding wallet — about seven ADA at a time, across more than 400 transactions spanning both days. That wallet was itself bankrolled by an older, high-throughput "treasury" address. The shared plumbing, the identical method, and the back-to-back timing all point to one operator. In all, the two waves emptied 3,072 wallets: 198 in the first, 2,874 in the second.
Reconstruct Cardano drains in plain English
Address profiling, directional fund-flow mapping, sweep ranking, DEX churn stripping, and shared-counterparty gas-funder detection — all against indexed Cardano transfer data. The same public ledger the attacker moved across in the open.
02 — RecoveryWhat can still be recovered, and what cannot
The 129.4 million ADA in the dormant vault is, for now, frozen in plain sight on-chain. It has sat untouched at the same address since midday on June 23. In its June 24 update, SecondFi said emergency rescue measures secured roughly that amount during the exploit and that it is routing those funds to an independent custodian for return to affected users after an external audit — with claims via support.secondfi.io. We have not independently verified custodian control or any movement beyond that statement; the vault address below is unchanged in our on-chain data. The thousands of tokens still parked in the hub wallet are likewise visible and unsold. Together they remain the bulk of the headline loss — and, on-chain, the clearest recoverable pool.
At roughly $0.15 per ADA, the price implied by the holdings of Cardano's largest liquidity pool, the dormant vault is worth about $19 million, close to the "$20 million" figure that has circulated publicly. An early reading of the raw collector balances suggested the haul ran far higher, toward 99 million ADA in the first wave alone. That figure turned out to be an artifact of churn. The first-wave wallets cycled the same coins through Minswap more than a dozen times, inflating their apparent throughput. Stripped of the churn, the first wave's direct theft was on the order of 12 million ADA plus tokens. The recoverable core of the attack is the second wave's 129 million ADA, sitting still in the vault.
The first wave's roughly 12 million ADA and its stolen tokens are the harder case, and the likelier lost. The attacker did not park them. It liquidated them through Minswap and at least one other decentralized exchange, where they mixed into ordinary volume. There is no first-wave vault to freeze, only a trail that fragments across DeFi contracts, recoverable, if at all, through painstaking order-by-order analysis.
A few caveats temper the precision. ADA's dollar value is pinned here to roughly fifteen cents, the rate implied by Cardano's largest liquidity pool on the day of writing, and that number moves. The tokens are rougher still, because the on-chain dictionary that names them misreports the decimal places for at least one major asset, so their dollar worth is an estimate rather than a count. The first wave's size is bounded from below rather than fixed: about 12 million ADA passed directly from victims into the attacker's hands, but the value of the tokens swept alongside it, then sold off through the exchanges, resists a clean tally. And one wallet said to still hold roughly 4 million ADA comes from a community analyst's accounting that this review did not independently reproduce.
For SecondFi users who may still have funds at risk, the distinction matters: wallet software (the app) is not the same thing as the ADA wallet (the key pair behind an address). SecondFi's June 24 guidance says the flaw is address-level, that signing a transaction is when the risk bites, and that importing a recovery phrase into another app does not fix it. Affected users with drained balances should file at support.secondfi.io; anyone with funds still sitting on a SecondFi-created address should treat SecondFi's notices and professional security advice as primary sources.
03 — The ledgerBy the numbers
| Metric | Value |
|---|---|
| SecondFi external loss (Jun 24 statement) | ~16M ADA across 374 addresses — attributed to 3 of 4 draining events |
| SecondFi secured/rescued (Jun 24 statement) | ~129M ADA — routed to third-party custodian; claims via support.secondfi.io after audit |
| Total drained from SecondFi users (on-chain) | ~141.9M ADA across both waves, plus 3,838 token types |
| Victim wallets drained | 3,072 total — 198 first wave + 2,874 second wave |
| Second-wave vault (dormant) | 129,430,001 ADA — about $19.4M at $0.15/ADA |
| First-wave direct theft | about 12.3M ADA from 198 base wallets, since dispersed |
| Tokens held in the hub | 3,838 types, incl. ~20M NIGHT and ~263M SNEK |
| Attack window (UTC) | 2026-06-21 20:29 → 2026-06-23 12:20 |
| Collectors launched | 2026-06-21 20:29:41 — all three in the same second |
| Hub-to-vault transfers | 7 transactions, including two of 60,000,000 ADA |
| Fee-funding wallet | about 7 ADA per tx, across 406 transactions |
| ADA reference price | about $0.15, implied by Cardano's largest liquidity pool |
04 — The mapOn-chain addresses
Tagged from on-chain analysis. Payment addresses and transactions link to Bitquery Explorer; stake accounts link to AdaStat.
| Role | Address / stake account |
|---|---|
| Attacker — hub & token vault A1 | addr1q8g8cgw…vuz99 |
| Attacker — dormant ADA vault A2 | addr1qxd39k4…wxpl3 |
| Attacker — collector 1 stake | 52838a79…6497c5 |
| Attacker — collector 2 stake | 1dde43d2…2ab60c |
| Attacker — collector 3 stake | 8bd0c0f7…6afe292f |
| Attacker — fee / gas funder | addr1q8acx4h5…cezfa8 |
| Funding source "treasury" · unconfirmed | addr1v8wfpcg4…s6g07rfjm |
| Minswap V2 pool a DEX — NOT attacker-owned | addr1z84q0denmye…777e2a |
05 — The receiptsKey transactions
| Transaction | What it shows |
|---|---|
| 16f81996…08814 | The reported 38,421.556 ADA victim drain, with the fee-funder as a co-input |
| c9556fbe…acf5a0 | The single largest second-wave sweep — 5.41M ADA into the hub |
| fab61e24…098d93 | First 60,000,000 ADA block, hub to vault |
| c5aceba0…651d71 | Second 60,000,000 ADA block, hub to vault |
Reconstructed through Bitquery
Address profiling, directional fund-flow mapping, time-windowed sweep ranking, DEX-swap churn stripping, and shared-counterparty (gas funder) detection — all against indexed Cardano transfer data. The same public ledger the attacker moved across in the open.
06 — SourcesSources and further reading
| SlowMist · Cos (Yu Xian) | First flagged the attacker addresses — x.com/evilcos |
| SecondFi · Jun 24 update | Official incident update — x.com/secondfiapp/status/2069719171391512793 · claims at support.secondfi.io |
| SecondFi | Project account — x.com/secondfiapp |
| Minswap | The DEX the first wave routed through — minswap.org |
| Block explorers | Bitquery Explorer · AdaStat · Cardanoscan |
| Victim transaction sheet | Google Sheets — 3,072 wallets, transaction by transaction |
Full drain ledger — 3,072 wallets
Every victim drain reconstructed at transaction level: wallet, amount, timestamp, collector, and wave. Open the sheet to search or filter your address.
Run investigations like this with AI
Bitquery AI Investigations traces fund flows, clusters wallets, and surfaces dormant vaults across 40+ chains — the moment a block is final, through one interface.
This account is based on a transaction-level analysis of Cardano on-chain data and on public statements by SecondFi (including its June 24, 2026 update on X) and by SlowMist's Cos (Yu Xian). SecondFi's stated loss and rescue figures differ from the on-chain totals reconstructed below; we report both where relevant. It is provided for informational and educational purposes only and does not constitute legal, financial, compliance, or investment advice.
First-wave ADA figures are stated net of decentralized-exchange swap churn, which inflates raw on-chain turnover several times over; token valuations are approximate and depend on per-token decimal precision that remains to be verified. ADA is valued at about $0.15, the rate implied by Cardano's largest liquidity pool at the time of writing. One wallet said to still hold roughly 4 million ADA comes from a community analyst's accounting that this review did not independently reproduce.
Blockchain addresses are pseudonymous, and the presence of a transaction between two addresses does not by itself establish the identity, intent, or knowledge of any party. Attacker, victim, and infrastructure attributions are based on on-chain behavioral analysis and third-party sources, may be incomplete or contain errors, and may change as additional data becomes available. References to Minswap and other named services describe transaction flows observed on-chain and are not assertions of wrongdoing by those entities. All trademarks and company names are the property of their respective owners.