According to a statement from SecondFi, the incident involved four separate withdrawal events, with three of the attacks carried out by external hackers. To prevent further losses, the team urgently moved another 129M ADA to external storage and fully suspended the service.
The project is currently conducting an independent review of its reserves, alongside a technical investigation in cooperation with a third-party company specializing in blockchain security.
The team confirmed that the attack was caused by a vulnerability in the internal software used in wallet generation. If the issue is indeed linked to the mechanism responsible for creating private keys, the risk could potentially affect all addresses created through the compromised version of the app.
Users are being warned not to transfer funds, not to import seed phrases into other wallets within the Cardano ecosystem, and not to attempt account recovery through third-party applications, as this will not remove the underlying risk and could lead to further losses.
The only official step available to affected users is submitting a compensation request through SecondFi support. Following the incident, the team also warned about a surge in fake support accounts, as scammers are already impersonating project representatives and attempting to steal seed phrases.
Key players across the Cardano ecosystem have joined the investigation, including Cardano Foundation, Input Output Global, Intersect, and SundaeSwap. Their goal is to track the movement of the stolen funds and reduce risks for other protocols operating on the network.