- Cardano wallet firm SecondFi will not resume normal operations after a $2.4 million ADA exploit last month.
- Developer Emurgo says its involvement is now limited to a dedicated asset recovery team focused solely on returning assets to affected users.
- A white hat Hacker secured 129 million ADA ($18.5 million) during the incident; Emurgo has established a recovery fund address currently holding $2.8 million in ADA.
Cardano wallet firm SecondFi says it will not resume “normal operations” and will instead focus solely on “returning assets to affected users” as it continues to grapple with last month’s $2.4 million ADA exploit. Developer Emurgo claimed that “SecondFi will not resume normal operations, even once the audits are complete.”
The firm has yet to release an audit of the exploit, which saw 16 million ADA ($2.4 million) stolen by bad actors and 129 million ADA ($18.5 million) taken by a mysterious white hat hacker. Emurgo is also yet to launch a recovery plan for affected users.
SecondFi wallets were drained after a “nonce derivation” issue exposed users’ private keys. The exploited code created deterministic transaction data that could provide clues to recreate a wallet’s private key.
In the weeks that followed, users speculated that the white hat hacker may not actually have been associated with Emurgo. An X Spaces discussion with Cardano founder Charles Hoskinson fueled speculation after he said the white hat hacker was unknown to Emurgo.
SecondFi’s latest statement notes that the assets acquired through its emergency response “are currently protected and accessible.” As for the threat actor funds, Emurgo has established a recovery fund address here, which currently contains $2.8 million worth of ADA. It is unclear whether these funds come from the rescued ADA or Emurgo’s own supply.
✅ Follow BITNEWSBOT on Telegram, Facebook, LinkedIn, X.com, and Google News for instant updates.
