Cointelegraph
DOGE$0.07483 3.13%
TRX$0.3310 0.93%
LINK$7.93 0.38%
ZEC$457.81 2.90%
ADA$0.1778 2.87%
XRP$1.12 1.35%
ETH$1,782.66 0.62%
BTC$63,397.36 0.85%
XMR$325.24 1.84%
BNB$580.30 0.03%
XLM$0.1943 4.49%
SOL$81.30 0.60%
HYPE$71.78 1.86%
Written by Zoltan Vardaistaff writerReviewed by Yohan Yunstaff writer

Ctrl Wallet to shut weeks after security exploit

Latest NewsPublishedJul 7, 2026

The move follows a June 23 exploit that has now resulted in closing down the wallet, with users urged to withdraw their assets before all functions are disabled on Aug. 3, 2026.

Non-custodial multichain cryptocurrency wallet Ctrl Wallet will shut down its services, weeks after a security exploit, and told users on Tuesday to withdraw their assets within the next month.

Ctrl Wallet reported a security issue on June 23 effecting some Cardano wallets on the platform and said it entered a temporary "maintenance mode" to protect user assets until its engineering team restores full functionality. 

Earlier today, the wallet's operators announced that starting Aug. 3, 2026, sending, receiving, swapping funds and all other actions within the app will be unavailable, except for exporting users' recovery phrases.

The app will be removed from both app and browser extension stores, while downloads will be halted immediately, Ctrl Wallet said in a blog post.

Ahead of the Aug. 3 deadline, users can transfer their assets from Ctrl Wallet to another exchange or crypto wallet. After that, users will only be able to import their recovery phrase into another compatible wallet provider. Ctrl Wallet “strongly” recommended that users export their assets before Aug. 3.

Source: Ctrl Wallet

Ctrl Wallet said that users can export their 12-word or 24-word recovery phrase into compatible wallets, including MetaMask, Trust Wallet and Phantom.

The wallet provider said there will not be a migration token or an airdrop event and urged users to exercise caution when encountering fake social media posts or websites promising similar incentives.

Ctrl Wallet, formerly XDEFI Wallet, lists between 11 and 50 employees and over 650,000 monthly users on its LinkedIn page. The wallet supported over 2,500 blockchain networks, including Cardano and Midnight.

Related: Dormant $1.9M Bitcoin tied to New York lawsuit moves after nearly 15 years

Ctrl Wallet transitions under the Emurgo umbrella before SecondFi exploit

On April 29, Ctrl Wallet announced its transition under the Emurgo umbrella and said that its multichain architecture will continue inside the SecondFi wallet.

SecondFi is a self-custodial platform built on Cardano that rebranded from the Yoroi wallet in April 2026 and was developed by Emurgo, the "for-profit arm of Cardano."  

On June 24, a vulnerability in SecondFi enabled attackers to drain user funds, resulting in an estimated loss of around 16 million ADA, then worth about $2.4 million.

Days later, SecondFi revealed a recovery path to repay affected users across the 374 impacted wallet addresses. It also said it secured about 129 million ADA through emergency measures and transferred the funds to an independent third-party custodian, where they will remain until the verification and recovery process is complete. 

Magazine: SBF will never get a pardon, Trump peace deal boosts Bitcoin: Hodlers Digest June 14-21

Cointelegraph is committed to independent, transparent journalism. This news article is produced in accordance with Cointelegraph’s Editorial Policy and aims to provide accurate and timely information. Readers are encouraged to verify information independently.

More on the subject