Earn up to 50% APR
Boost earnings with NFTs
Play, HODL & earn more
Why User Funds Were Safe Despite the Flow Exploit
-
Flow emphasized that no existing balances were stolen during the Dec. 27 incident, as the exploit created counterfeit tokens rather than pulling funds from user accounts. More than 99% of accounts retained full access throughout the recovery, while a small number of wallets that interacted with the fake assets were temporarily restricted as a precaution.
Following the incident, Flow patched the vulnerability, introduced stricter runtime checks, and expanded regression testing to prevent similar failures. The foundation is also working with forensic partners and law enforcement while strengthening monitoring systems and bug-bounty programs as part of broader security hardening.
-
no balances stolen is good but counterfeit tokens is still a brutal headline
