Cardano's SecondFi Announces Two-Week Timeline for Asset Recovery Following Wallet Breach
Following the completion of forensic analysis and a final snapshot of balances, SecondFi has outlined its plan to restore user assets.
Following Tuesday's security breach, Cardano wallet provider SecondFi has outlined a recovery plan for impacted users and anticipates commencing the process of returning assets within approximately two weeks, pending completion of testing procedures and security audits.
In a statement released on Saturday, Phillip Pon, who serves as CEO of Emurgo, the development company behind SecondFi, announced that forensic investigations have been concluded and a pathway for recovery has been established for those affected. The upcoming week will be dedicated to building out the solution, Pon explained, with an additional week allocated for testing procedures before the return of assets can commence.
Users were cautioned by Pon against migrating their assets or taking any steps outside of official recommendations, noting that the recovery mechanism has been designed based on current wallet states and that any independent actions could create complications in the secure restoration of funds.
On Tuesday, SecondFi made public a security compromise that impacted around 16 million ADA, valued at approximately $2.4 million at that point in time, distributed across 374 addresses. The company had previously indicated that it tracked the incident to a problem at the address level within its Cardano web wallet generation software, which resulted in the exposure of users' private keys.
Additionally, the company reported that it successfully secured approximately 129 million ADA through emergency protective measures and moved these funds to an independent third-party custodian, where they will be held until both the verification and recovery procedures are finalized.
A comprehensive post-mortem analysis providing detailed information about the vulnerability or the methods used to execute the exploit has not yet been released by SecondFi.
SecondFi issues alert about scams targeting recovery process
Through another update released on Saturday, SecondFi issued a warning that bad actors are distributing fraudulent communications that impersonate the wallet service while the recovery initiative is still in progress.
The company clarified that no recovery procedures requiring user involvement have commenced at this time and emphasized that it will never request private keys, seed phrases, wallet credentials or direct access to wallets from users.
Any communications directing users to provide wallet information, transfer assets or take immediate action through channels other than its verified communication platforms should be considered fraudulent, SecondFi stated.
The company further noted that users who need assistance should create a ticket via its official support portal during the ongoing recovery process.