Flow Security Incident Review: Type Confusion Vulnerability in Cadence Identified as Key Factor
BlockBeats News, January 7th: Flow released a post-incident report on the attack, stating that the attacker exploited a Flow network vulnerability to mint fake tokens, stealing approximately $3.9 million through a bridging attack. The attack did not access or leak any existing user balances. It duplicated assets but did not touch legitimately held assets, and the majority of the fake assets were either stored on-chain before liquidation or frozen by exchange partners. Network validators have approved a decentralized governance action authorizing the permanent destruction of all fake assets. The network resumed operation on December 29th, is currently running smoothly, and all transaction history has been preserved.
The attacker sequentially deployed over 40 malicious smart contracts, leveraging a three-stage attack chain: 1) bypassing attachment import verification; 2) circumventing defense checks of built-in types; 3) exploiting a semantic vulnerability in contract initializers. The root cause was a type confusion vulnerability in the Cadence runtime (v1.8.8), which has now been patched (v1.8.9 and later). This vulnerability allowed the attacker to disguise protected assets (which should not be duplicable) as standard data structures (which are duplicable), bypassing runtime security checks and enabling token minting.
In addition to moving assets out of Flow, the attacker also attempted to deposit fake FLOW on several centralized exchanges, but because of the abnormal transaction volume and the exchanges' internal anti-money laundering protocols, multiple exchanges froze the deposits upon receipt. Approximately 50% of the fake FLOW deposits have been returned and destroyed by cooperating exchanges (such as OKX, Gate, MEXC), while the foundation continues to actively coordinate with other exchange platforms.