PANews reported on December 28th that the Flow Foundation announced that on December 27th, attackers exploited a vulnerability in the Flow execution layer to transfer approximately $3.9 million in assets off-network before validators could execute the coordination stop operation. This attack did not affect existing users' balances. All users' deposits remain intact.

The protocol fix has been developed and released, and node operators are coordinating the deployment of this upgrade. The network will roll back to the checkpoint before the exploit to remove unauthorized transactions.