Scrutiny on Circle (CRCL) Following $285 Million Drift Hack: Could More Have Been Done?

Title: After $285 Million Drift Hack, Circle Faces Scrutiny Over Response

In the wake of the staggering $285 million hack of the decentralized trading platform Drift, the spotlight is now on Circle (CRCL), the issuer of the USDC stablecoin, and whether it could have acted more decisively to mitigate the fallout.

According to blockchain security firm PeckShield, the attacker managed to siphon off approximately $71 million in USDC during the exploit on Wednesday. Following the breach, the hacker converted a significant portion of the stolen assets into USDC and utilized Circle’s cross-chain transfer protocol (CCTP) to bridge around $232 million from Solana to Ethereum, complicating recovery efforts.

This rapid movement of funds has sparked criticism within the crypto community. Notably, blockchain investigator ZachXBT questioned Circle’s response time, suggesting that the company could have done more to limit the damage. In a post on X, he asked, “Why should crypto businesses continue to build on Circle when a project with 9-figure TVL could not get support during a major incident?”

To Freeze or Not to Freeze

Circle had tools at its disposal to potentially freeze the funds linked to the exploit. Under its own terms, the company reserves the right to blacklist addresses and freeze USDC associated with suspicious activity. A founder of a stablecoin infrastructure firm suggested that preemptively freezing wallets tied to the exploit could have curtailed the attacker’s ability to move funds.

However, the decision to act without a court order or law enforcement request poses legal risks, according to industry experts. Salman Banei, general counsel of tokenized asset network Plume, emphasized that freezing assets without formal authorization could expose issuers to liability. He called on regulators to create a safe harbor for digital asset issuers who act in good faith to freeze assets when they suspect illicit activity.

“Lawmakers should provide a safe harbor from civil liability if digital asset issuers freeze assets when, in their reasonable judgment, there is strong basis to believe that illicit transfers have occurred,” Banei stated.

In response to the incident, a Circle spokesperson reiterated the company’s commitment to regulatory compliance. “Circle is a regulated company that complies with sanctions, law enforcement orders, and court-mandated requirements,” they said. “We freeze assets when legally required, consistent with the rule of law and with strong protections for user rights and privacy.”

Navigating the Gray Zone

This incident underscores a growing tension in the stablecoin sector, where tokens like USDC are increasingly integral to global financial transactions but are also susceptible to misuse. According to TRM Labs, an estimated $141 billion in stablecoin transactions in 2025 were linked to illicit activities, including sanctions evasion and money laundering.

Blockchain security experts have pointed to North Korean hackers as potential culprits behind the Drift exploit. The nature of stablecoins issued by centralized entities like Circle allows for programmability and control, which can help curb illicit flows but also raises concerns about overreach and due process.

Ben Levit, founder and CEO of stablecoin ratings agency Bluechip, cautioned against oversimplifying the situation. “This wasn’t a clean hack; it was more of a market/oracle exploit, which puts it in a gray zone,” he explained. “Any action by Circle becomes a judgment call, not just a compliance decision.”

Levit highlighted the need for consistency in how USDC is positioned in the market. “USDC can’t be positioned as neutral infrastructure while also allowing discretionary intervention without clear rules,” he said. “Markets can handle strict policies or no intervention, but ambiguity is much harder to price.”

As the crypto landscape evolves, issuers like Circle find themselves in a precarious position. The balance between swift action to prevent illicit activity and the need for legal backing is delicate, especially in fast-moving exploits where the window to act can be measured in minutes.

As the investigation into the Drift hack continues, the crypto community watches closely, eager to see how Circle navigates this challenging terrain and what implications it may have for the future of stablecoins.