Following the $285 million Drift hack, attention has turned to Circle (CRCL) and whether more proactive measures could have been taken to prevent the theft of funds.
The attackers managed to steal around $71 million in USDC on Wednesday, as reported by blockchain security firm PeckShield. After converting much of the remaining stolen resources to USDC, they utilized Circle’s cross-chain transfer protocol (CCTP) to transfer approximately $232 million in USDC from Solana to Ethereum, complicating the recovery process.
This move has drawn criticism from various members of the crypto community. Prominent blockchain researcher ZachXBT expressed concern, stating that Circle should have acted more swiftly to minimize the damage. He raised the question on X, noting, “Why should crypto businesses continue to build on Circle when there are nine projects? Didn’t they receive assistance during a major incident?”
To Freeze or Not to Freeze
Circle had a tool for this situation, as ZachXBT pointed out. The company possesses the right to blacklist addresses and freeze USDC linked to suspicious activities, according to their own guidelines.
A founder of a stablecoin infrastructure company remarked to CoinDesk that if Circle had preemptively frozen wallets related to the exploit, it might have curtailed the attackers’ ability to relocate funds. Yet, acting without a court order or a law enforcement request could place Circle at legal risk, they noted.
Salman Banay, general counsel at tokenized asset network Plume, commented on the potential liability of freezing assets without proper authorization. He suggested that regulators need to address this legal ambiguity. “Lawmakers should include protections against civil liability when digital asset issuers freeze assets based on reasonable belief that an illegal transfer has occurred,” Banay stated.
This legal constraint played a crucial role in how Circle responded. A spokesperson conveyed via email to CoinDesk that, “Circle is regulated and adheres to sanctions, law enforcement orders, and court-mandated requirements. We freeze assets when legally obligated to uphold the law and are committed to protecting the rights and privacy of our users.”
“Gray Zone”
This incident underscores a broader tension, particularly as stablecoins attract more scrutiny as they gain traction.
Tokens like USDC are becoming increasingly integral to global financial transactions, especially in cross-border payments. However, they are also vulnerable to misuse, putting pressure on issuers to react promptly when issues arise.
TRM Labs highlighted that around $141 billion in stablecoin transactions in 2025 may have been tied to illegal activities, including sanctions evasion and money laundering.
There are indications that North Korean hackers might be connected to the Drift exploit.
Stablecoins issued by centralized organizations, like Circle’s USDC, are designed to be programmable and controllable. While this allows for the prevention of illicit activities, it raises concerns about potential overreach and the need for due process.
Ben Levitt, the founder and CEO of Bluechip, pointed out the complexity of the situation regarding the Drift exploit. “People are oversimplifying this issue as ‘Circle should have frozen.'” He mentioned that this wasn’t a straightforward hack but rather an exploitation of market dynamics that lands in a gray area.
Levitt further elaborated, asserting that decisions made by Circle in this scenario should be considered as judgment calls rather than merely compliance decisions. Consistency is crucial, in his view: “We can’t present USDC as neutral infrastructure while allowing for discretionary intervention without established rules. The market can adapt to strict policies or no intervention, but ambiguity in pricing is far more challenging.”
This predicament puts issuers in a tough spot. Delaying action can lead to accusations of enabling bad actors, while premature moves without legal foundations raise concerns of overreach.
The trade-off is particularly pronounced during rapid exploits, where opportunities for action often come down to minutes rather than lengthy legal processes.
