Cardano co-founding body, EMURGO, details strategy to reclaim $2.4 million lost in wallet hack
June 28, 2026
EMURGO, a fundamental organization of the Cardano blockchain, recently announced a plan to recover $2.4 million lost in a wallet hack. The CEO, Phillip Pon, disclosed that they have successfully completed a thorough forensic review, verified the balances in the wallet, and established a clear path for recovery. This development comes after the SecondFi wallet experienced a series of unfortunate events between June 21 and 23. These incidents included three instances of theft totaling 16 million ADA and an emergency transfer of 129 million ADA.
Pon emphasized on a social media platform that EMURGO intends to spend one week constructing the recovery mechanism and another week testing it thoroughly. He also urged affected users to adhere strictly to official instructions and avoid suspicious actions. It is essential to note that SecondFi never requests private keys, seed phrases, or wallet access from its users. The organization is committed to ensuring the security and protection of its users’ assets.
The detailed analysis of the hack revealed that private keys were compromised due to an address-level flaw in the wallet creation software utilized by SecondFi. Tibane Labs provided an extensive examination of the situation, identifying an Ed25519 signature bug as the primary cause of the security breach. This bug allowed for the reconstruction of private keys through a single signature, leading to the unauthorized outflows of ADA.
Tibane Labs further highlighted that the incident was not merely a coding error but a governance failure on the part of the Cardano co-founding organization. This failure stemmed from deploying unaudited code into production without independent scrutiny. Security researcher Taylor Monahan pointed out that SecondFi developed its cryptographic code in isolation, keeping the source code private and bypassing essential audits. These lapses in oversight ultimately facilitated the breach and the subsequent theft of funds.
In response to these challenges, EMURGO is diligently working on rectifying the situation and recovering the stolen assets for affected users. The organization’s commitment to transparency, security, and user protection is evident as they navigate through this crisis. By implementing robust recovery measures and reinforcing security protocols, EMURGO aims to restore trust and confidence in the Cardano ecosystem.
As the recovery plan unfolds over the next two weeks, stakeholders and users are encouraged to stay informed through official channels and exercise caution to prevent any further breaches or unauthorized access. EMURGO’s proactive approach towards resolving this incident showcases their dedication to safeguarding the interests of the Cardano community and upholding the integrity of the blockchain ecosystem.
