Loading prices…
Zipp Zipp Advertise
Sign up Sign in
🩸BEARISH Crypto News

$18.5M ADA theft: wallet builder still can't ID attacker

The builder cannot trace the perpetrator, and recovery work is still running through parallel approaches two weeks after the breach first surfaced.

A wallet provider tied to the Cardano ecosystem is still unable to identify the actor behind an $18.5 million ADA theft, with the project's lead acknowledging that the recovery effort has not yet produced a definitive suspect or a confirmed return path for the stolen funds.

In an update on June 28, the team said engineering is working through multiple technical approaches in parallel to determine the most secure recovery solution for affected users. The statement kept to a previously disclosed two-week recovery timeline and stopped short of naming an attacker, a vector, or a chain-level mitigation that has been applied so far.

Why it matters

A high-value ADA theft with no identified culprit and no live recovery path is unusual this deep into 2026's threat cycle. Comparable breaches on Ethereum and Solana ecosystems tend to surface an attribution or a flagged address cluster within days, because the chain analytics stack around those assets is mature. Cardano's tooling is thinner, and a prolonged attribution gap of this size raises the cost of similar attacks against other ADA-native wallet stacks.

Market impact

ADA has not seen a sharp reaction to the update, but the absence of a recovery mechanism keeps the affected pool of users exposed. Watch for the next status note: a working recovery path, an exchange-side freeze of the destination address, or a law-enforcement referral would each be the kind of confirmation that meaningfully de-risks the situation. Continued silence on attribution a week from now would shift the read from operational to structural.

Related tokens
$ADA
$ADA#Cardano#WalletBreach#Security

Frequently asked questions

  1. Who stole the $18.5M in ADA?

    No one has been publicly identified. The wallet provider said in a June 28 update that engineering is still working through parallel technical approaches and has not named an attacker, a vector, or a recovery path.

  2. Which Cardano wallet was affected?

    The seed points to a wallet provider inside the Cardano ecosystem, with the update delivered via the SecondFi X account. The specific wallet product and vendor are not detailed in the source.

  3. Is ADA dropping because of the theft?

    The update did not trigger a sharp price reaction in the source. The unresolved recovery path keeps affected users exposed, but a market-wide sell-off tied to this incident is not evident in the seed.

  4. When will the stolen ADA be recovered?

    The team says it remains on a previously stated two-week recovery timeline. No concrete return mechanism or restitution process has been confirmed for users.

  5. Why is this attribution gap unusual?

    Comparable breaches on Ethereum and Solana typically surface a flagged address cluster or a named threat actor within days, because chain analytics around those assets is mature. Cardano tooling is thinner, which extends attribution timelines and raises risk for similar targets.

Source attribution
Aggregated from Crypto News · Verified · Last refreshed 1h ago
Open original →

More from Security

Stories our editors think pair well with this one.

Older in Security

Catch up on earlier coverage from this beat.