Flow Blockchain Investigates Security Breach as Token Falls 40%

Catenaa, Tuesday, December 30, 2025-The Flow Foundation is investigating a security incident on its Layer 1 blockchain after a potential exploit caused the FLOW token to drop more than 40%, according to the team.

South Korean exchanges Upbit and Bithumb suspended deposits and withdrawals, and the Digital Asset Exchange Alliance issued a transaction risk warning.

Onchain analyst Wazz reported that approximately $4 million was stolen. The attacker reportedly used a wallet created six months ago to mint millions of wrapped FLOW (WFLOW) tokens through a TransparentUpgradeableProxy contract, indicating a private key compromise rather than a smart contract flaw.

Security expert Taylor Monahan confirmed the breach allowed minting of FLOW and other bridged assets, including WBTC, WETH, and stablecoins, and noted that all associated pools and bridges were paused.

The FLOW token fell from roughly $0.17 to $0.10 within hours, with trading volume exceeding $170 million over 24 hours.

Dapper Labs, Flow’s developer and the company behind NBA Top Shot and CryptoKitties, said engineering teams are working with network partners to mitigate the issue.

The Flow Foundation has promised verified updates once available.

The incident highlights growing security risks in the crypto industry, which saw over $3.4 billion in thefts in 2025, including a $1.5 billion hack of Bybit in February.

Private key compromises accounted for 88% of stolen funds in the first quarter of the year. Flow’s blockchain, built for consumer applications and NFTs, has faced market challenges as digital collectibles trading slowed after peaking in 2021.

The Flow Foundation has not yet provided additional comments on the investigation or potential remediation.