Circle Criticized Over $285M Drift Hack, Failed USDC Freeze
After a $285 million exploit on Drift, criticism mounts over Circle's inaction to freeze stolen USDC, with the attacker bridging $232 million from Solana to Ethereum via CCTP. Circle says it needs legal authorization, highlighting tension between centralized control and regulatory clarity.
Quick Take
Circle under fire for not freezing $232M in USDC after Drift exploit.
Attacker used CCTP to bridge funds from Solana to Ethereum.
Regulatory gray area: Circle says it needs legal authorization to freeze.
Experts argue for safe harbor rules to enable faster intervention.
Market Impact Analysis
BearishThe high-profile hack and potential regulatory backlash could dampen confidence in stablecoins and DeFi, triggering short-term selling pressure.
Speculation Analysis
Key Takeaways
- Circle faces backlash for not freezing $232 million in USDC after a major exploit on Drift.
- The attacker used Circle’s CCTP to move funds from Solana to Ethereum, complicating recovery.
- A regulatory gray area leaves stablecoin issuers uncertain about freezing assets without court orders.
- Experts push for safe harbor rules to let issuers act quickly against illicit activity without liability.
- $141 billion in stablecoin transactions this year were tied to illegal flows, adding urgency.
What Happened
A massive $285 million exploit hit the Drift protocol, with the attacker draining roughly $71 million directly in USDC. After converting most of the remaining stolen assets into USDC, the hacker used Circle’s Cross-Chain Transfer Protocol (CCTP) to bridge about $232 million from Solana to Ethereum. Circle did not freeze the USDC, despite having the technical ability to blacklist addresses under its terms of service. The company said it requires a court order or law enforcement request, citing compliance with legal requirements. Blockchain investigator ZachXBT led the public criticism, arguing that the inaction undermined trust in building on Circle.
The Numbers
The Drift hack ranks among the largest DeFi exploits in recent history. Of the $285 million stolen, $71 million was in USDC directly from the protocol. The attacker then converted other tokens and moved $232 million in USDC to Ethereum via CCTP. Blockchain security firms suspect North Korean hackers behind the attack. Meanwhile, stablecoin illicit activity is soaring: TRM Labs reports $141 billion in stablecoin transactions linked to sanctions evasion and money laundering in 2025 alone, intensifying calls for tighter controls.
Why It Happened
Circle operates under a regulated framework that requires legal authorization to freeze assets. Acting without a court order could expose the company to liability, according to legal experts. Salman Banei of Plume Network noted that lawmakers should create a safe harbor from civil liability for issuers that freeze funds in good faith when illicit activity is reasonably suspected. The gap leaves centralized stablecoin issuers in a bind — technically able to block theft but legally cautious. This tension is not new but was sharply exposed by the speed and scale of the Drift exploit.
Broader Impact
The incident may accelerate regulatory efforts to define when stablecoin issuers can intervene. If safe harbor provisions are adopted, it could set a precedent for faster freeze actions in future hacks. However, it also fuels the debate over centralized control in decentralized networks. For DeFi builders, reliance on USDC now carries an added risk: the issuer might not act even when it technically can, leaving protocols exposed.
What to Watch Next
- Regulatory response: Watch for lawmakers or agencies proposing safe harbor rules — a draft bill could surface given the magnitude of the hack.
- Funds movement: On-chain sleuths will track the bridged USDC on Ethereum; any movement to mixers or exchanges could heighten urgency.
- Circle’s policy shift: Pressure may force Circle to revise its freeze policy or seek clarity from regulators, potentially altering USDC’s risk profile.
This article is for informational purposes only and does not constitute financial advice.
Always late to trends?
Join for the latest news, insights & more.
Disclaimer: Bytewit is an independent media outlet that delivers news, research, and data.
© 2026 Bytewit. All Rights Reserved. This article is for informational purposes only.
