<\/p>\n
Blockchain investigator ZachXBT has publicly accused Circle of failing to freeze stolen USDC as it moved through the company\u2019s own cross-chain infrastructure during the $285 million Drift Protocol exploit on April 1, 2026 \u2014 raising pointed questions about when and why the stablecoin issuer chooses to exercise its freeze authority.<\/p>\n
<\/p>\n
The April 1 attack on Drift, a Solana-based decentralized perpetuals exchange, was flagged by security firm PeckShield. Using a manipulated oracle and compromised admin key, the attacker drained Drift\u2019s main vault in approximately 12 minutes, according to blockchain analytics firm Arkham. Drift\u2019s total value locked fell from roughly $550 million to under $300 million within an hour. The DRIFT token dropped more than 40%. Over ten additional Solana protocols reported disruption.<\/p>\n
After converting most of the stolen assets to USDC, the attacker used Circle\u2019s Cross-Chain Transfer Protocol (CCTP) to bridge approximately $232 million from Solana to Ethereum across more than 100 transactions \u2014 over six consecutive hours during U.S. business hours.<\/p>\n
\u201cCircle was asleep while many millions of USDC were swapped via CCTP from Solana to Ethereum for hours from the 9-figure Drift hack during US hours,\u201d ZachXBT wrote on X.<\/p>\n
The criticism cuts sharper given the timing. Just nine days earlier, on March 23, Circle froze USDC across 16 unrelated business hot wallets \u2014 including one belonging to the DFINITY Foundation \u2014 as part of a sealed U.S. civil case. ZachXBT called that freeze \u201cpotentially the single most incompetent\u201d action he had witnessed in five years of on-chain investigations.<\/p>\n
<\/p>\n
The contrast \u2014 aggressive action against legitimate businesses, inaction during a confirmed nine-figure exploit transiting Circle\u2019s own bridge \u2014 has reignited debate over how centralized stablecoin governance actually works in practice. Security researcher Specter noted the attacker deliberately avoided converting funds to Tether\u2019s USDT, appearing confident Circle would not intervene.<\/p>\n
Circle responded: \u201cCircle is a regulated company that complies with sanctions, law enforcement orders, and court-mandated requirements. We freeze assets when legally required, consistent with the rule of law and with strong protections for user rights and privacy.\u201d<\/p>\n
Salman Banei, general counsel at Plume, warned that freezing assets without authorization could expose Circle to legal liability. Ben Levit, CEO of stablecoin ratings agency Bluechip, described the situation as \u201ca gray area,\u201d noting this was an oracle exploit rather than a clean hack. Blockchain analytics firm Elliptic identified multiple indicators suggesting North Korean hackers were responsible for the Drift exploit.<\/p>\n
As crypto hack losses had moderated significantly in the months preceding this incident, the $285 million Drift hack marks a stark reversal \u2014 and the Circle debate it has sparked may have lasting implications for how the broader stablecoin regulatory framework is written, particularly around freeze authority and issuer accountability.<\/p>\n
<\/p><\/div>\n","protected":false},"excerpt":{"rendered":"
Blockchain investigator ZachXBT has publicly accused Circle of failing to freeze stolen USDC as it moved through the company\u2019s own cross-chain infrastructure during the $285 million Drift Protocol exploit on…<\/p>\n","protected":false},"author":1,"featured_media":16502,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-25043","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cryptocurrency"],"_links":{"self":[{"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/posts\/25043","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/comments?post=25043"}],"version-history":[{"count":1,"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/posts\/25043\/revisions"}],"predecessor-version":[{"id":25044,"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/posts\/25043\/revisions\/25044"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/media\/16502"}],"wp:attachment":[{"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/media?parent=25043"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/categories?post=25043"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/tags?post=25043"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}