Flow enters phase 2 of hack recovery… "Exchange left suspicious transactions unattended"

The Flow (FLOW) Foundation is accelerating recovery efforts for a hacking loss of $3.9 million while raising suspicions that a specific centralized exchange (CEX) aided money laundering.

On the 1st (local time), the Flow Foundation said on its official X that "the recovery plan has made significant progress and has entered phase 2." This is a follow-up measure after fully abandoning the blockchain rollback (reversal) option that was initially under consideration. Previously, the foundation had proposed rolling the network back to a point before the incident to recover the hacking losses, but the proposal faced strong criticism from the community that it "would undermine decentralization values and pose security risks."

The foundation said, "Developers have secured a path to restore Ethereum Virtual Machine (EVM) functionality," and explained that "recovery work on its native language, Cadence (Cadence), and the EVM will proceed simultaneously." According to the foundation, all recovery processes will be transparently disclosed via a block explorer, and the community governance committee is executing clean-up transactions with validators' approval.

The foundation also strongly criticized the response of a certain unnamed exchange in relation to the incident. In a post-incident report, the foundation pointed out, "Immediately after the hack, a single account deposited 150 million FLOW, equivalent to 10% of the total supply, into that exchange," and "this account exchanged a substantial amount into Bitcoin (BTC) within just a few hours and withdrew more than $5 million."

It added, "These trading patterns are a clear failure of anti-money laundering (AML) and know-your-customer (KYC) measures," and "the exchange shifted financial risk onto users who bought the fraudulent token." The foundation requested an explanation of the trading patterns from the exchange but reportedly received no response.