TLDR
- Cybercriminals drained $285 million from the Drift protocol, transferring $232 million in USDC between blockchains via Circle’s cross-chain transfer protocol
- Crypto investigator ZachXBT criticized Circle for not freezing the stolen assets quickly enough
- Circle maintains it freezes funds exclusively when mandated by legal authorities or court directives
- According to ZachXBT, Circle has neglected to freeze $420 million in stolen USDC across 15 incidents since 2022
- Legal professionals caution that freezing crypto without proper legal authorization could create liability risks for Circle
The stablecoin giant Circle is under scrutiny following its response to this week’s massive $285 million Drift protocol security breach.
The perpetrators directly extracted approximately $71 million in USDC from Drift’s platform. After converting most of the other stolen digital assets into USDC, they used Circle’s proprietary cross-chain transfer protocol (CCTP) to move roughly $232 million in USDC from the Solana blockchain to Ethereum.
This cross-chain movement significantly complicated fund recovery efforts and thrust Circle into a controversial position.
Prominent blockchain sleuth ZachXBT emerged as a vocal critic of Circle’s response. He contended that Circle possessed the technical capabilities to blacklist addresses and immobilize funds but failed to deploy these measures promptly during the ongoing attack.
“Why should crypto businesses continue to build on Circle when a project with nine-figure TVL could not get support during a major incident?” he posted on X.
Circle’s Official Response
Circle rejected the accusations. A company representative informed CoinDesk that as a regulated financial entity, Circle freezes assets exclusively when legally mandated, including through judicial orders or official law enforcement requests.
“We freeze assets when legally required, consistent with the rule of law and with strong protections for user rights and privacy,” the spokesperson said.
Salman Banei, who serves as general counsel for tokenized asset platform Plume, supported Circle’s stance. He emphasized that freezing cryptocurrency without appropriate legal authorization could create significant liability exposure for stablecoin issuers. Banei advocated for legislative action to establish legal safe harbor provisions enabling issuers to respond more rapidly in unambiguous theft situations.
Not everyone in the cryptocurrency sector views this incident as straightforward. Ben Levit, who leads stablecoin ratings firm Bluechip as CEO, characterized the Drift exploit as primarily involving market and oracle manipulation rather than a conventional hack, positioning it within a murky legal territory.
“Any action by Circle becomes a judgment call, not just a compliance decision,” Levit said.
ZachXBT Alleges Systematic Failures
ZachXBT escalated his criticism by presenting broader allegations that Circle has consistently failed to freeze or blacklist approximately $420 million in illicit USDC transactions spanning 15 distinct incidents since 2022.
Among these cases, he asserts that Circle neglected to freeze $9 million stolen during the GMX exchange breach in July 2025, and that addresses associated with the $200 million Cetus DEX exploit were blacklisted only after the stolen funds had already been converted away from USDC.
He noted the $420 million estimate encompasses only high-profile public incidents and suggested the actual total likely exceeds this amount substantially.
In September 2025, Circle had investigated implementing “reversible” USDC transactions, functionality that would enable the reversal of transfers in theft scenarios. The company has frozen USDC before, notably including assets connected to Tornado Cash addresses sanctioned by US authorities in 2022.
Cybersecurity researchers specializing in blockchain analysis have attributed the Drift exploit to hacking groups affiliated with the North Korean state.





