Flow Details $3.9M Token Duplication Exploit, Network Halted Within Hours

By José Oramas, January 07, 2026
  • A protocol exploit in the Flow blockchain’s Cadence runtime on December 27 allowed an attacker to create $3.9 million in counterfeit tokens.
  • Network validators halted the chain within six hours and froze most fraudulent assets on exchanges before they could be liquidated.
  • Flow has patched the vulnerability and destroyed the counterfeit tokens via a governance-approved recovery plan, with 99% of accounts remaining unaffected.

The Flow blockchain contained a Dec. 27 protocol exploit that let an attacker create counterfeit tokens by abusing a flaw in the network’s Cadence runtime, leading to about US$3.9 million (AU$5.9 million) in confirmed losses before the incident was stopped, the Flow Foundation said Tuesday in a technical post-mortem.

The Foundation said the attacker did not break into wallets or drain existing balances. Instead, the bug allowed some assets to be duplicated in a way that bypassed normal supply controls, effectively creating extra tokens that should not have existed. 

The risk was that counterfeit tokens could be sold into real markets before being detected.

How the Flow Incident Went Down

Crypto News Australia reported last week that Flow started rebuilding its network after the team discovered an exploit on Saturday. The incident began with suspicious exchange activity tied to a large FLOW token deposit and rapid withdrawals.

Flow said validators coordinated a halt within six hours of the first malicious transaction and switched the network into a read-only mode to block “exit paths” while the team investigated. The Foundation said exchange partners also froze most of the counterfeit assets before they could be liquidated. 

Two days later, Flow restarted under an “isolated recovery” plan designed to keep valid transaction history intact while enabling a governance-approved process to recover and permanently destroy the counterfeit tokens.

Most accounts were not affected operationally. Flow said more than 99% of accounts retained full access during and after recovery, while a small number of accounts that interacted with the counterfeit tokens were temporarily restricted as a precaution.

The Foundation said it has patched the vulnerability, added stricter runtime checks, and expanded regression testing. It also said it is working with forensic partners and law enforcement, and plans to strengthen monitoring and bug-bounty programs as part of broader security hardening.

The FLOW token is down 53% since its launch in early December, currently trading at US$0.1012 (AU$0.15), as per CoinGecko data.

José is a journalist and translator with a keen interest in blockchain and cryptocurrencies.