Circle's USDC Under Fire After $285M Drift Hack Exposes Stablecoin Freeze Dilemma

The $285 million Drift protocol hack has reignited debate over whether Circle, issuer of the USDC stablecoin, should have done more to prevent stolen funds from moving freely across blockchains. Blockchain security firm PeckShield confirmed that approximately $71 million in USDC was directly siphoned during the exploit. The attacker then converted remaining stolen assets into USDC and bridged roughly $232 million from Solana to Ethereum using Circle's own Cross-Chain Transfer Protocol (CCTP), complicating recovery efforts significantly.

The incident drew sharp criticism from prominent blockchain investigator ZachXBT, who publicly questioned why Circle didn't act faster given that it technically holds the power to blacklist wallet addresses and freeze suspicious USDC holdings under its own terms of service. His comments resonated with many in the crypto community who expected faster intervention during such a high-value attack.

Circle defended its position, stating it operates as a regulated company that only freezes assets when legally required through sanctions enforcement, court orders, or law enforcement directives. Legal experts highlighted the real risk issuers face when taking unilateral action without formal authorization. Salman Banei, general counsel at Plume, called on lawmakers to create a liability safe harbor for digital asset issuers who freeze funds based on reasonable suspicion of illicit activity.

The debate reflects a broader tension facing centralized stablecoin issuers as USDC and similar tokens become critical infrastructure for global payments. According to TRM Labs, illicit stablecoin transactions reached roughly $141 billion in 2025 alone. North Korean hackers have been identified as likely suspects in the Drift exploit.

Industry observers warn that USDC cannot function as neutral financial infrastructure while simultaneously applying discretionary intervention without clearly defined rules. In fast-moving crypto exploits, the window to act is often just minutes — far shorter than any legal process allows.