Particle.news

Ctrl Wallet to Close on August 3 After Cardano Wallet Exploit

The shutdown forces users to export recovery phrases or move assets themselves before core wallet functions are turned off.

Overview

  • Ctrl Wallet announced on July 7 that it will permanently cease operations on August 3 and has removed its mobile and browser apps from stores so no new downloads are possible.
  • The decision follows a Cardano-targeted security exploit disclosed on June 23 and a related SecondFi attack on June 24 that stole about 16 million ADA, events that prompted emergency maintenance and audits.
  • Users must export their 12- or 24-word recovery phrases or transfer funds to other wallets before August 3, and Ctrl specifically named MetaMask, Trust Wallet and Phantom as compatible import options.
  • The company said there will be no token migrations, airdrops, refunds, or compensation and warned that any third-party offers of 'migration' tools or payouts are almost certainly scams.
  • Ctrl began as XDEFI and served hundreds of thousands of monthly users across more than 2,500 blockchains, and its closure highlights growing security risks for self-custodial wallets and will likely prompt a wave of user migrations and scam attempts.