Crypto Holder Loses 2.3 Million ADA from Ledger Wallet Without Signing Transaction

A Cardano user claimed a significant unauthorized withdrawal of 2.3 million ADA from a Ledger hardware wallet without any transaction approval, adding to security concerns following the recent SecondFi wallet incident. The report emerged on June 26, 2026, when X user smokeNotCNFT posted about the sudden drain from their Ledger device. The user stated that the wallet had not been connected to any dApp and no transaction was signed. Ledger replied promptly to the post, acknowledging the difficulty of such losses and directing the user to their official support documentation for reported fund losses. The company also issued a standard security reminder, cautioning against scammers who exploit these situations. Ledger emphasized that it never requests 24-word recovery phrases via calls, messages, or unsolicited contact.

Hi @smokeNotCNFT, we’re sorry to hear about your experience. Losing funds is devastating and we know how difficult it can be to process.

Please start here: https://t.co/TEpeqgTmyy This guide outlines the steps to take if you’ve confirmed a loss.

Also, please be careful.…

— Ledger (@Ledger) June 26, 2026

lost $1.76 million worth of USDC after signing a malicious permit transaction, underscoring the importance of carefully reviewing all wallet approval requests. Another Cardano user, Grokcardano, initially reported a small 2 ADA movement on their Ledger wallet under similar circumstances. In a follow-up post hours later, the same user clarified that the movement was not a loss. It resulted from enabling Bluetooth and secure connection features on the device, with funds fully intact and the wallet functioning normally afterward. These reports surfaced against the backdrop of the SecondFi (formerly Yoroi) wallet vulnerability. In that separate incident, a flaw in SecondFi’s wallet generation software led to private key compromises for certain users. According to SecondFi, approximately 16 million ADA ($2.4 million) was drained across affected wallets. Security firm SlowMist estimated that total potential losses could exceed $20 million involving up to 129 million ADA.

Hardware wallets like Ledger are typically unaffected by software generation flaws unless users had previously exposed their recovery phrases through vulnerable interfaces or restored seeds from compromised wallets. No public on-chain evidence was widely shared at the time of initial reporting to fully substantiate the 2.3 million ADA drain. Security incidents have not been limited to wallet providers alone. Earlier this month, attackers drained approximately $7.3 million from legacy liquidity lockers on BNB Chain, highlighting how vulnerabilities across different parts of the crypto ecosystem can expose user funds.

The events highlight ongoing challenges in wallet security across the Cardano ecosystem. While the blockchain itself remains secure, user-side tools and practices are critical. Hardware wallets provide strong protection by keeping keys offline, but recovery phrases must never be entered into potentially vulnerable software environments.

Affected or concerned users are advised to:

• Avoid restoring old seeds into any wallet
• Generate fresh addresses using hardware wallet confirmation
• Move funds to a new Ledger wallet with a completely new 24-word recovery phrase

Official channels from Ledger and SecondFi remain the only reliable sources for guidance. Both have warned about active phishing attempts tied to these incidents. As investigations continue, the episode serves as a timely reminder for holders to review past wallet connections, audit interactions, and prioritize strict offline seed management to maintain ecosystem confidence.