- ZachXBT’s report hyperlinks Circle delays to greater than $420 million in fraudulent USDC circumstances beginning in 2022.
- Drift exploit transferred $232 million in USDC over 6 hours with no freeze motion.
- A number of incidents have resulted in delays of as much as a number of months or no freeze regardless of formal requests.
On-chain investigator ZachXBT has launched detailed findings alleging that stablecoin issuer Circle didn’t act rapidly in a number of incidents involving stolen USDC, with over $420 million in illicit funds reportedly affected since 2022. The findings, revealed in a thread titled “Circle $USDC Recordsdata,” define 15 separate incidents through which the corporate delayed freezing addresses or took no motion in any respect, regardless of requests from legislation enforcement and trade stakeholders.
Based on the report, there have been a number of incidents involving lengthy delays in freezing funds associated to the exploit. In a single case, $3 million of the $16 million stolen from SwapNet remained in a hacker-controlled pockets for 2 days regardless of requests from authorities and personal events to freeze it. In different circumstances, delays starting from a number of hours to as much as 4 months have been reported, though some addresses related to criminality have been reportedly not blocked.
ZachXBT additionally pointed to Circle’s phrases of service, which states that USDC addresses related to criminality might be blocked or blacklisted. He identified that the token’s sensible contract incorporates performance that permits such actions topic to their phrases.
The report additionally cites regulatory obligations, stating that Circle operates below US federal and state monetary frameworks and that circumstances involving monetary crimes might require motion.
Drift exploits and cross-chain transfers elevate considerations
The most recent incident concerned a Drift Protocol exploit that resulted within the theft of roughly $280 million, together with $232 million in USDC. Based on the investigation, the attacker used Circle’s Cross-Chain Switch Protocol (CCTP) to switch funds from Solana to Ethereum, executing over 100 transactions over a interval of greater than six hours.
Throughout this era, Circle didn’t freeze the funds, permitting the attackers to proceed shifting property, the report stated. The incident reportedly had far-reaching implications, with greater than 10 further decentralized finance protocols on Solana being affected.
Comparability with different enforcement actions
The survey outcomes additionally embrace a comparability with responses from different stablecoin issuers. Within the February 2025 Bybit hack attributed to Lazarus Group, ZachXBT reported that one other issuer froze the related addresses inside hours, whereas Circle allegedly took motion about 24 hours later. The report additionally states that 338,000 USDC associated to the incident remained uncovered throughout that interval.
The report concludes that throughout documented circumstances, delays in freezing funds allowed attackers to maneuver property and launder cash, elevating questions on response timelines in high-risk conditions involving stablecoins.
Associated: Drift Protocol Violation Causes As much as $285 Million Loss, Token Drops 42%
Disclaimer: The data contained on this article is for informational and academic functions solely. This text doesn’t represent monetary recommendation or recommendation of any variety. Coin Version just isn’t accountable for any losses incurred because of using the content material, merchandise, or providers talked about. We encourage our readers to do their due diligence earlier than taking any motion associated to our firm.