More

    Ctrl Wallet shuts down after exploit, urges users to move funds

    Ctrl Wallet has announced the permanent shutdown of its services after a recent security exploit, giving users until Aug. 3 to move their crypto assets before core wallet functions go offline.

    Summary

    • Ctrl Wallet will permanently shut down on Aug. 3 and has urged users to move funds before wallet services end.
    • Users can still recover assets later by importing their 12- or 24-word recovery phrase into compatible wallets.
    • The shutdown follows a recent Cardano-related exploit and comes amid a string of crypto wallet and bridge security incidents.

    Ctrl Wallet said in a blog post published Tuesday that it will disable sending, receiving, swapping and all other wallet functions from Aug. 3, leaving users with only the ability to export their recovery phrases.

    The company also confirmed it will immediately stop new downloads and remove the application from browser extension and mobile app stores as part of the shutdown process.

    The decision comes just weeks after Ctrl Wallet disclosed a security incident affecting some Cardano wallets. On June 23, the wallet provider said it had placed parts of its platform into temporary maintenance mode while engineers investigated the issue and worked to protect user assets.

    Users have one month to transfer assets

    Ahead of the shutdown deadline, Ctrl Wallet has strongly advised customers to move their funds to another wallet or exchange instead of waiting until services are disabled.

    According to the company, users who do not transfer assets before Aug. 3 will still be able to access their funds by importing their 12-word or 24-word recovery phrase into another compatible wallet.

    Ctrl Wallet identified MetaMask, Trust Wallet and Phantom as compatible alternatives for importing recovery phrases. The company stressed that users should securely back up their seed phrases before attempting any migration.

    Alongside the shutdown notice, Ctrl Wallet warned that there will be no migration token, token swap, or airdrop linked to the closure. The wallet provider urged customers to ignore social media posts or websites claiming to offer compensation or rewards tied to the shutdown, cautioning that such offers are likely to be scams.

    Formerly known as XDEFI Wallet, Ctrl Wallet lists more than 650,000 monthly users and a workforce of between 11 and 50 employees on its LinkedIn profile. The wallet supported more than 2,500 blockchain networks, including Cardano and Midnight.

    Security incidents continue across crypto platforms

    The shutdown follows a transition announced on April 29, when Ctrl Wallet said it had come under the Emurgo umbrella and that its multichain technology would continue through the SecondFi wallet. SecondFi, a self-custodial wallet developed by Emurgo after rebranding from Yoroi in April 2026, later suffered its own security incident.

    On June 24, attackers exploited a vulnerability in SecondFi that resulted in the theft of about 16 million ADA, worth roughly $2.4 million at the time.

    SecondFi later said it had secured about 129 million ADA through emergency measures, transferred those funds to an independent third-party custodian, and introduced a recovery process covering the 374 affected wallet addresses.

    The latest shutdown also comes during a series of security breaches affecting crypto infrastructure. As previously reported by crypto.news, blockchain security firm Blockaid detected an active exploit against the DeFi platform Summer.fi that had drained about $6 million before the attack was disclosed.

    Separately, Taiko urged users to withdraw assets from all bridges on its network after confirming its chain state verification mechanism had been compromised, while Blockaid estimated losses from the related ERC20 Vault attack at more than $1 million.

    Days earlier, interoperability protocol Axelar disabled its Secret Network bridge connections after an exploit led to the loss of roughly $4.7 million in bridged assets.

    According to Axelar, early findings indicated the issue originated in the Secret Network’s ICS-20 smart contract rather than Axelar’s core infrastructure, prompting the protocol to suspend affected connections while its investigation continues.

    News#Ctrl #Wallet #shuts #exploit #urges #users #move #funds1783436939

    Stay in the Loop

    Get the daily email from CryptoNews that makes reading the news actually enjoyable. Join our mailing list to stay in the loop to stay informed, for free.

    Latest stories

    - Advertisement - spot_img

    You might also like...