Search the site
Press ESC to close
LIVE
Loading...
Updating...

SecondFi Tracks Cardano Exploiters: 4 Million ADA Flagged After Attack

Wei Liang Mo
Fact-checked
2 min read
355 words
Share

The Cardano ecosystem service provider SecondFi has released a comprehensive progress report regarding a series of recent security breaches that compromised hundreds of user wallets. Between June 21 and June 23, 2026, a sophisticated, automated multi-wave exploit targeted the platform, resulting in the unauthorized transfer of digital assets. The project team has successfully identified the primary on-chain entities involved and is currently working with security analysts to mitigate further losses.

Analysis of the Three-Wave Automated Attack

According to technical data provided by SecondFi, the breach was executed in three distinct stages, characterized by high-speed batch operations. The investigation has distinguished between two primary malicious actors:

  • Attacker A: Responsible for the first and second waves, this entity successfully drained funds from 171 Cardano wallets using automated scripts.
  • Attacker B: Executed the third wave of the exploit, targeting 203 wallets and consolidating the stolen assets into a centralized repository.

The use of batch operations suggests the attackers utilized specialized tools to bypass standard transaction delays and maximize the efficiency of the asset extraction process.

On-Chain Monitoring and Asset Recovery Efforts

In an effort to prevent the liquidation of the stolen funds, SecondFi has published the stake keys and collection addresses associated with both perpetrators. A significant portion of the stolen capital, approximately 4.02 million ADA, remains held in a single address controlled by Attacker B. This address has been officially flagged across major blockchain explorers and is under continuous on-chain monitoring to track any movement to centralized exchanges or decentralized protocols.

Approximately 4.02 million ADA remain in Attacker B's designated address, which has now been flagged and is under on-chain monitoring. The project team stated that they are continuing to track the movement of these assets.

While the investigation into the root cause of the vulnerability continues, the SecondFi team is coordinating with broader Cardano (ADA) network stakeholders and security researchers. The identification of these addresses represents a critical step in the forensic process, potentially allowing for the blacklisting of funds at the exchange level and providing a pathway for potential recovery for the affected wallet holders.

Frequently Asked Questions

Quick answers to the most common questions about this topic.