The FLOW token, from the blockchain of the same name, saw its price suddenly plummet by approximately 40% over the weekend. The cause: a hack estimated at $3.9 million, but that may not be the most significant factor…
Flow: a hack estimated at $3.9 million
Security is a necessity, even more so in the cryptocurrency sector than elsewhere. And for good reason: its protocols and blockchains offer prime targets for malicious actors seeking to steal fortunes with just a few clicks—if it isn’t the participants themselves who are directly targeted by scams.
This high-stakes environment recently saw the Flow blockchain—a Layer 1 platform specializing in the NFT sector—suffer a “vulnerability exploit” attack over the weekend. The incident was officially reported on December 27 on the X network, with the resulting loss—estimated at $3.9 million—being relatively minor for this type of case.
On December 27, 2025, an attacker exploited a vulnerability in Flow’s execution layer and moved approximately $3.9 million in assets off-chain before validators executed a coordinated shutdown. It is crucial to note that this exploit did not access users’ existing balances. All user deposits remain intact.
Flow
Almost immediately, the price of FLOW triggered a significant 40% drop, settling at the $0.10 level. This further weighed down on an already very poor performance, with the annual return now equivalent to a decline of nearly 90%.
FLOW token plummets 40% following a hack
A regrettably common occurrence that led to the Flow blockchain being shut down, raising questions—particularly regarding its actual decentralization. But perhaps not as much as the desire of its managers and validators to revert to a pre-hack state using a “rollback” procedure.
Is a “rollback” procedure worse than the initial hack?
As soon as this attack was discovered, the Flow blockchain’s leaders quickly attempted to block the transfers made by the hacker, to no avail. Indeed, he apparently managed to move his entire haul to Ethereum using various bridges.
At the same time, they made a rather unusual decision that was quickly contested by many partners, such as the co-founder of the deBridge project, Alex Smirnov. The goal? To carry out a “rollback” operation that could be summarized as: we go back and start over as if nothing had happened.
The Flow team decided to perform a blockchain rollback (…) This hasty decision risks causing financial damage far greater than the impact of the initial exploit. A rollback introduces systemic issues that affect bridges, custodians, users, and counterparties who acted in good faith during the relevant window.
Alex Smirnov (deAlex)
Faced with opposition from its partners, the Flow blockchain has finally abandoned this critical procedure, with a “revised remediation plan” approved a few hours ago. Its deployment has been underway since 7:00 this morning.
