On-chain investigationCardanoWallet securitySecondFi

How an attacker drained a Cardano wallet's users of more than 129 million ADA

The funds were not taken with a stolen password or a phishing link. They were taken because the keys that secured them were never truly secret — a defect in SecondFi's own wallet-generation code. We reconstructed the theft transaction by transaction.

At a glance
Beginning June 21, 2026, long-dormant Cardano wallets — some untouched since 2020 — began emptying into addresses their owners had never seen. By the time it stopped two days later, more than 129 million ADA and 3,838 token types had been swept from 3,072 wallets belonging to users of SecondFi, a Cardano wallet app. The breach traces to weak randomness in SecondFi's key-generation code — not a flaw in Cardano itself. The bulk — 129.4M ADA — sits in a single on-chain vault; on June 24, SecondFi said emergency measures secured those funds for return via a third-party custodian (official update).
129M+
ADA swept from SecondFi users
3,838
Distinct token types taken
~129M
SecondFi says secured for claims
3,072
Wallets drained on-chain · 198 + 2,874

Update — Jun 24SecondFi's latest statement

On June 24, 2026, SecondFi posted an official update on X. The headline points for affected users:

  • Root cause identified — SecondFi says it has patched unaffected wallets and plans to resume normal operations soon.
  • External drains — SecondFi counts four draining events and attributes three to external threat actors, putting the loss from those at roughly 16 million ADA across 374 addresses — well below the 3,072 wallets and ~141.9M ADA our on-chain reconstruction traces below.
  • ~129M ADA "rescued" — SecondFi says emergency measures secured about 129 million ADA during the active exploit and that those funds continue to be routed to an independent, qualified third-party custodian held for affected wallet addresses.
  • Claims process — An external accounting firm will audit the rescued holdings; affected users should submit claims at support.secondfi.io once verification is complete.
  • User warning — SecondFi reiterates: do not restore your recovery phrase into another Cardano wallet; it says the security risk is at the address level and materializes when an affected user signs a transaction. It promises further explanation.

On-chain, the 129,430,001 ADA identified in this investigation still sits at the same dormant vault address as of this writing. We have not independently verified SecondFi's custodian routing, rescue mechanics, or its lower external-loss figures — we report them here because victims need the official claims path. The forensic breakdown below is unchanged and remains the on-chain record.

Victim transaction data

Search the full drain ledger

Transaction-level records for all 3,072 victim wallets — amounts, timestamps, collectors, and wave. Filter or search the sheet for your address.

3,072 victim walletswave 1 + wave 2tx hashesADA + tokens

In the small hours of June 21, a string of long-dormant Cardano wallets, some untouched since the network's earliest days in 2020, began to empty one after another into addresses their owners had never seen. By the time the draining stopped two days later, more than 129 million ADA and thousands of other tokens had been swept out of 3,072 wallets belonging to users of SecondFi, a Cardano wallet app.

The losses, which SecondFi's users say exceed $20 million, bear none of the hallmarks of individual phishing or stolen passwords. The on-chain pattern points the other way: a single operator already held the private keys to thousands of wallets, including some dormant since 2020, and emptied them on command. How those keys came to be exposed is the question at the center of the case.

SecondFi has said the breach traces to a defect in its wallet-generation software — the code that is supposed to pick unpredictable random numbers for each user's private key. This is not a flaw in the Cardano blockchain. The chain processed the attacker's transactions exactly as designed; the failure was in how SecondFi created keys. Investigators believe those numbers followed a recognizable pattern rather than being truly random, so someone who understood the pattern could derive the private keys for many wallets the app had created — the cryptographic equivalent of guessing that 2, 4, 6, 8 will be followed by 10.

It helps to separate two ideas that are easy to conflate. Wallet software is the app — SecondFi, Eternl, Lace, and so on. An ADA wallet is the underlying key pair (private key + public address) that actually holds funds. A seed phrase is just a human-readable way to back up and restore that private key — a list of words standing in for one very large number.

In a public notice — and again in its June 24 update — SecondFi told users not to restore their recovery phrase into another Cardano wallet app:

Please DO NOT RESTORE your recovery phrase into another Cardano wallet, this does not mitigate the security risk. The security risk occurs when an affected user signs a transaction.

— SecondFi, June 24 update on X

That warning targets the compromised seed phrase and address, not new wallets in general. Importing a SecondFi-generated seed phrase into different wallet software does not fix anything — it exposes the same predictable private key through a different app. Whoever can derive that key can drain the address when a transaction is signed, no matter which software displays it.

If you still have funds at a SecondFi-created address, many security experts advise creating a brand-new ADA wallet with a fresh seed phrase in trusted software and transferring any remaining ADA and tokens there — without reusing the old recovery phrase. SecondFi's latest guidance emphasises that the flaw is address-level and that moving a seed phrase to another app does not remove the risk; it also directs affected users to file claims at support.secondfi.io for the ~129M ADA it says was secured. Treat SecondFi's official channels as the primary source for claims and follow-up.

Cos, the founder of the blockchain security firm SlowMist who also goes by Yu Xian, was among the first to flag the attacker's addresses publicly. Reviewing the fund flows, he estimated that real user losses "could theoretically exceed $20 million," involving "more than 129 million ADA and other tokens." A review of Cardano's on-chain records bears out the scale of his estimate almost to the coin.

⬢ If you used SecondFi — read this
The risk is in the old seed phrase, not in creating a new wallet. This was a SecondFi software flaw, not a Cardano chain failure.
Claims
Affected users — submit at support.secondfi.io
Unsafe
Import your existing SecondFi seed phrase into another wallet app
Why
Predictable keys + signing = drain risk on the same address

01 — Two wavesTwo waves, one operator

The first wave began at 8:29 p.m. UTC on June 21, when three collection wallets sprang to life in the same second and started pulling in funds. They drained roughly 12 million ADA directly from about 198 wallets, along with hundreds of different tokens, then fed the haul into Minswap V2, the pool contract of Cardano's largest decentralized exchange, and swapped the stolen tokens into ADA. That fits the complaints from users that even their lending balances were emptied. The wallets recycled the same coins through Minswap so many times that their raw turnover swells past a billion ADA, far beyond the actual theft. When the swapping stops, the proceeds gather in no single wallet. They scatter across Minswap and at least one other exchange contract, where the attacker's coins dissolve into ordinary trading. The first wave leaves no vault to point at.

⬢ First-wave victim · confirmed on-chain
I was hacked via SecondFi wallet — 38,421 ADA gone without my authorization.
38,421.556
ADA left the wallet in a single transaction
8:31 PM UTC
June 21 — 5:31 AM in the victim's time zone
1 collector
landed in an attacker collection wallet

One of those early victims described the experience plainly. The blockchain confirms it: at 8:31 p.m. UTC on June 21, which was 5:31 the next morning in their own time zone, exactly 38,421.556 ADA left their wallet in a single transaction and landed in one of the attacker's collectors.

The second wave was larger and more direct. Starting before dawn on June 23, a hub wallet pulled in roughly 135 million ADA by sweeping nearly 2,900 wallets one transaction at a time. Among them were whales whose wallets dated to July and August of 2020, holders who had done nothing more provocative than leave their coins where they sat. Within hours, the hub forwarded 129,430,001 ADA in seven transactions into a single vault wallet, opening with a one-ADA test transfer before sending two blocks of 60 million each. That vault has not moved a coin since. The attacker kept the stolen tokens, more than 3,800 of them, including roughly 20 million NIGHT and 263 million SNEK, in the hub and never sold.

Two waves, same operatorJun 21 → Jun 23 · UTC
Wave 1 · dispersed

Collectors → Minswap → scattered

Three collectors ignite in the same second, sweep ~220 wallets, swap through a DEX, then fragment across contracts.
Direct theft~12M ADA
Victim wallets198
IgnitionJun 21 · 20:29:41
DISSOLVED INTO DEX VOLUME — LIKELY LOST
Wave 2 · vaulted

Hub → one sealed vault

A hub sweeps whales one tx at a time, then funnels the proceeds into a single vault that has not moved since.
Into vault129,430,001 ADA
Victim wallets2,874
Transfers7 (2 × 60M)
Last movementJun 23 · 12:20
DORMANT — RECOVERABLE IF IT MOVES
The first wave liquidated; the second hoarded. Both share the same plumbing — every draining transaction was fed gas by one funding wallet.

A small but telling thread ties the two waves together. Each draining transaction needed a few ADA of its own to pay network fees, and that gas was supplied, again and again, by a single funding wallet — about seven ADA at a time, across more than 400 transactions spanning both days. That wallet was itself bankrolled by an older, high-throughput "treasury" address. The shared plumbing, the identical method, and the back-to-back timing all point to one operator. In all, the two waves emptied 3,072 wallets: 198 in the first, 2,874 in the second.

Shared gas plumbing links both wavesone funder · 406 transactions
Per transaction
~7 ADA
gas supplied to each draining tx
Fee funder
both waves
Across both days
406 txns
bankrolled by an older "treasury"
The same wallet paid the fees for drains in both waves — the clearest single signal that one operator ran the whole operation.
Two phases, one operator. The first wave fragments through DEX churn; the second concentrates into a single dormant vault. The shared fee-funder linking both phases is the tell.
Run this analysis yourself

Reconstruct Cardano drains in plain English

Address profiling, directional fund-flow mapping, sweep ranking, DEX churn stripping, and shared-counterparty gas-funder detection — all against indexed Cardano transfer data. The same public ledger the attacker moved across in the open.

address_profiledirectional_flow_mapsweep_rankingdex_churn_filtershared_funder_detectiontoken_balance_agg

02 — RecoveryWhat can still be recovered, and what cannot

The 129.4 million ADA in the dormant vault is, for now, frozen in plain sight on-chain. It has sat untouched at the same address since midday on June 23. In its June 24 update, SecondFi said emergency rescue measures secured roughly that amount during the exploit and that it is routing those funds to an independent custodian for return to affected users after an external audit — with claims via support.secondfi.io. We have not independently verified custodian control or any movement beyond that statement; the vault address below is unchanged in our on-chain data. The thousands of tokens still parked in the hub wallet are likewise visible and unsold. Together they remain the bulk of the headline loss — and, on-chain, the clearest recoverable pool.

At roughly $0.15 per ADA, the price implied by the holdings of Cardano's largest liquidity pool, the dormant vault is worth about $19 million, close to the "$20 million" figure that has circulated publicly. An early reading of the raw collector balances suggested the haul ran far higher, toward 99 million ADA in the first wave alone. That figure turned out to be an artifact of churn. The first-wave wallets cycled the same coins through Minswap more than a dozen times, inflating their apparent throughput. Stripped of the churn, the first wave's direct theft was on the order of 12 million ADA plus tokens. The recoverable core of the attack is the second wave's 129 million ADA, sitting still in the vault.

Two outcomes, one attackrecoverable vs. dispersed
◆ Recoverable core
129.4M ADA
Wave 2's haul on-chain, plus 3,838 token types still in the hub. Sealed in vault A2, unmoved since June 23 — SecondFi says ~129M ADA here was secured for custodian return; claims at support.secondfi.io.
DORMANT ON-CHAIN · SECURED PER SECONDFI
◆ Likely lost
~12M ADA
Wave 1's direct theft, already liquidated through Minswap and at least one other DEX, where it mixed into ordinary volume. No vault to freeze — only a fragmented trail.
DISPERSED · ORDER-BY-ORDER ONLY
One side stands still and visible; the other dissolved into the market within hours. The recoverable side is, by a wide margin, the larger.

The first wave's roughly 12 million ADA and its stolen tokens are the harder case, and the likelier lost. The attacker did not park them. It liquidated them through Minswap and at least one other decentralized exchange, where they mixed into ordinary volume. There is no first-wave vault to freeze, only a trail that fragments across DeFi contracts, recoverable, if at all, through painstaking order-by-order analysis.

A few caveats temper the precision. ADA's dollar value is pinned here to roughly fifteen cents, the rate implied by Cardano's largest liquidity pool on the day of writing, and that number moves. The tokens are rougher still, because the on-chain dictionary that names them misreports the decimal places for at least one major asset, so their dollar worth is an estimate rather than a count. The first wave's size is bounded from below rather than fixed: about 12 million ADA passed directly from victims into the attacker's hands, but the value of the tokens swept alongside it, then sold off through the exchanges, resists a clean tally. And one wallet said to still hold roughly 4 million ADA comes from a community analyst's accounting that this review did not independently reproduce.

Hub → vault: the two 60M blocks7 transfers · Jun 23
Block · hub → vault
60,000,000 ADA
+
then
Block · hub → vault
60,000,000 ADA
=
sealed
Dormant vault (A2)
129,430,001 ADA
129,430,001 ADAfunneled in 7 transactions (opening with a 1-ADA test) into one dormant vault — not a coin has moved since.

For SecondFi users who may still have funds at risk, the distinction matters: wallet software (the app) is not the same thing as the ADA wallet (the key pair behind an address). SecondFi's June 24 guidance says the flaw is address-level, that signing a transaction is when the risk bites, and that importing a recovery phrase into another app does not fix it. Affected users with drained balances should file at support.secondfi.io; anyone with funds still sitting on a SecondFi-created address should treat SecondFi's notices and professional security advice as primary sources.

03 — The ledgerBy the numbers

MetricValue
SecondFi external loss (Jun 24 statement)~16M ADA across 374 addresses — attributed to 3 of 4 draining events
SecondFi secured/rescued (Jun 24 statement)~129M ADA — routed to third-party custodian; claims via support.secondfi.io after audit
Total drained from SecondFi users (on-chain)~141.9M ADA across both waves, plus 3,838 token types
Victim wallets drained3,072 total — 198 first wave + 2,874 second wave
Second-wave vault (dormant)129,430,001 ADA — about $19.4M at $0.15/ADA
First-wave direct theftabout 12.3M ADA from 198 base wallets, since dispersed
Tokens held in the hub3,838 types, incl. ~20M NIGHT and ~263M SNEK
Attack window (UTC)2026-06-21 20:292026-06-23 12:20
Collectors launched2026-06-21 20:29:41 — all three in the same second
Hub-to-vault transfers7 transactions, including two of 60,000,000 ADA
Fee-funding walletabout 7 ADA per tx, across 406 transactions
ADA reference priceabout $0.15, implied by Cardano's largest liquidity pool

04 — The mapOn-chain addresses

Tagged from on-chain analysis. Payment addresses and transactions link to Bitquery Explorer; stake accounts link to AdaStat.

RoleAddress / stake account
Attacker — hub & token vault A1addr1q8g8cgw…vuz99
Attacker — dormant ADA vault A2addr1qxd39k4…wxpl3
Attacker — collector 1 stake52838a79…6497c5
Attacker — collector 2 stake1dde43d2…2ab60c
Attacker — collector 3 stake8bd0c0f7…6afe292f
Attacker — fee / gas funderaddr1q8acx4h5…cezfa8
Funding source "treasury" · unconfirmedaddr1v8wfpcg4…s6g07rfjm
Minswap V2 pool a DEX — NOT attacker-ownedaddr1z84q0denmye…777e2a

05 — The receiptsKey transactions

TransactionWhat it shows
16f81996…08814The reported 38,421.556 ADA victim drain, with the fee-funder as a co-input
c9556fbe…acf5a0The single largest second-wave sweep — 5.41M ADA into the hub
fab61e24…098d93First 60,000,000 ADA block, hub to vault
c5aceba0…651d71Second 60,000,000 ADA block, hub to vault
How we did it

Reconstructed through Bitquery

Address profiling, directional fund-flow mapping, time-windowed sweep ranking, DEX-swap churn stripping, and shared-counterparty (gas funder) detection — all against indexed Cardano transfer data. The same public ledger the attacker moved across in the open.

address_profiledirectional_flow_mapsweep_rankingdex_churn_filtershared_funder_detectiontoken_balance_agg
Cross-checked against SlowMist's public attribution; addresses and tx hashes confirmed on Bitquery Explorer, AdaStat, and Cardanoscan.

06 — SourcesSources and further reading

SlowMist · Cos (Yu Xian)First flagged the attacker addresses — x.com/evilcos
SecondFi · Jun 24 updateOfficial incident update — x.com/secondfiapp/status/2069719171391512793 · claims at support.secondfi.io
SecondFiProject account — x.com/secondfiapp
MinswapThe DEX the first wave routed through — minswap.org
Block explorersBitquery Explorer · AdaStat · Cardanoscan
Victim transaction sheetGoogle Sheets — 3,072 wallets, transaction by transaction
Victim transaction data

Full drain ledger — 3,072 wallets

Every victim drain reconstructed at transaction level: wallet, amount, timestamp, collector, and wave. Open the sheet to search or filter your address.

3,072 victim walletswave 1 + wave 2tx hashesADA + tokens

Run investigations like this with AI

Bitquery AI Investigations traces fund flows, clusters wallets, and surfaces dormant vaults across 40+ chains — the moment a block is final, through one interface.

Methodology & disclaimer

This account is based on a transaction-level analysis of Cardano on-chain data and on public statements by SecondFi (including its June 24, 2026 update on X) and by SlowMist's Cos (Yu Xian). SecondFi's stated loss and rescue figures differ from the on-chain totals reconstructed below; we report both where relevant. It is provided for informational and educational purposes only and does not constitute legal, financial, compliance, or investment advice.

First-wave ADA figures are stated net of decentralized-exchange swap churn, which inflates raw on-chain turnover several times over; token valuations are approximate and depend on per-token decimal precision that remains to be verified. ADA is valued at about $0.15, the rate implied by Cardano's largest liquidity pool at the time of writing. One wallet said to still hold roughly 4 million ADA comes from a community analyst's accounting that this review did not independently reproduce.

Blockchain addresses are pseudonymous, and the presence of a transaction between two addresses does not by itself establish the identity, intent, or knowledge of any party. Attacker, victim, and infrastructure attributions are based on on-chain behavioral analysis and third-party sources, may be incomplete or contain errors, and may change as additional data becomes available. References to Minswap and other named services describe transaction flows observed on-chain and are not assertions of wrongdoing by those entities. All trademarks and company names are the property of their respective owners.