Circle Faces Criticism Over Response to $285 Million Drift Hack

The recent $285 million hack of Drift has placed Circle, the issuer of USDC, under intense scrutiny for its response to the theft. Following the exploit, the hacker siphoned approximately $71 million in USDC and later converted the remaining stolen assets into USDC, using Circle’s cross-chain transfer protocol, CCTP, to move about $232 million from Solana to Ethereum. This move has drawn criticism from the crypto community, including blockchain investigator ZachXBT, who questioned why crypto businesses should continue to build on Circle if a project with significant TVL could not receive support during a major incident. Circle has the capability to freeze USDC tied to suspicious activity under its terms, but acting without a court order or law enforcement request could expose the company to legal risks. Salman Banei, general counsel of Plume, highlighted the need for regulatory clarity, suggesting that lawmakers should provide a safe harbor from civil liability if issuers freeze assets based on reasonable judgment. The company’s response emphasized its commitment to compliance with legal mandates, stating that it freezes assets only when legally required. The incident underscores the growing tension as stablecoins become integral to global financial flows, yet also face misuse in illicit activities. According to TRM Labs, around $141 billion in stablecoin transactions in 2025 were linked to illicit activity, including sanctions evasion and money laundering. The Drift exploit, potentially linked to North Korean hackers, has raised questions about the balance between control and neutrality in stablecoin infrastructure. Ben Levit of Bluechip noted that the situation is not black and white, as the exploit involved a market/oracle issue, placing it in a gray zone. He emphasized the need for clear rules to avoid ambiguity, which complicates market stability. The challenge for issuers like Circle is to navigate the fine line between acting swiftly to prevent losses and adhering to legal boundaries, a task that becomes increasingly difficult in fast-moving exploits where the window to act is often measured in minutes.