The Flow Foundation revealed a $3.9 million exploit on Dec. 27, where an attacker counterfeited tokens due to a flaw in Flow’s Cadence runtime. Validators halted the network within six hours, freezing most counterfeit assets. Flow resumed operations two days later with an isolated recovery plan to destroy counterfeit assets.

No existing user balances were compromised in the Flow exploit. The attacker generated numerous counterfeit tokens, but most were contained or frozen. Flow has patched the vulnerability, enhanced runtime checks, and is collaborating with forensic partners and law enforcement to strengthen security measures.

Dapper Labs introduced Flow in 2019 to address scalability issues for consumer applications like games and digital collectibles. The success of NBA Top Shot on Flow in 2020 and 2021 boosted the network’s profile, with the FLOW token surpassing $40. However, the token’s value dropped after the Dec. 27 hack, falling outside the top 300 cryptocurrencies by market capitalization.

Read more at Cointelegraph.: Flow Details December Exploit that Led to $3.9M in Counterfeit Token Losses