More than $230 million in stolen USDC was transferred via Circle’s CCTP protocol.
“Circle does not collaborate with companies and seeks to curry favor with governments,” says the researcher.
The cryptocurrency community and security analysts have strongly criticized Circle, issuer of the stablecoin USD Coin (USDC), after the massive hack of the Solana-based Drift protocol, in which an attacker managed to steal more than 280 million dollars.
Even though the incident occurred during US business hours, Circle is accused of allowing the flow of stolen assets for more than six hours without intervening, facilitating the movement of funds to other networks.
On X, ZachXBT, an investigator who has followed the case, called Circle a “bad actor” for the digital asset industry, noting that the issuer remained inactive while $230 million was exchanged in broad daylight.
The analyst stressed that Circle chooses not to collaborate with the private sector and instead “seeks to ingratiate itself with government regulators” through lobbying, “using buzzwords like compliance or regulation,” but without implementing real solutions.


For his part, X user @torabyou expressed his astonishment at the lack of supervision: “I’m shocked. I’m surprised they haven’t frozen the accounts. Aren’t there teams monitoring the large amounts of money being transferred this way? Honestly, I am surprised that an attack of such magnitude on such a well-known DeFi application did not have a special monitoring system.”
In the same vein, the market analyst known as Castillo Trading lamented that the industry is centralizing “to line the pockets of government officials, crushing retail,” while “genuine and dedicated participants continue to be punished.”


Along similar lines, the cryptocurrency trader known as Crypto Horizon recalled that Circle froze $160 million of Tornado Cash in 2022 in a matter of hours, which makes the current paralysis in the face of the Drift theft incomprehensible.
For him, “this highlights the paradox of ‘decentralized finance’ built on a centralized infrastructure.”
On the technical side, the Solana White Hat security analysis account argued that while the design of Circle’s Cross-Chain Transfer Protocol (CCTP) is permissionless, the company must actively monitor its blacklist. According to them, six hours of inaction does not represent a technological limitation, but a systematic process failure.
Neither Circle nor Drift responded to a query made by CriptoNoticias about this incident.
What happened to Drift and Circle?
According to Drift, the largest Solana perpetual futures exchange, the incident was due to a sophisticated attack involving durable nonce accounts and complex social engineering that allowed the attacker to obtain administrative control, as reported by CriptoNoticias. The company explained that by taking over Drift’s security board, the attacker removed withdrawal limits and drained lending deposits and vaults.
According to researchers such as ZachXBT, the attacker used Circle’s CCTP protocol to move over $230 million in USDC from Solana to Ethereum via over 100 atomic transactions.
According to the analyst, the delay in Circle’s response allowed the attacker to exchange much of the loot for ether (ETH), which significantly hinders asset recovery efforts.
Part of these movements were confirmed by security and analytics firm PeckShield, which identified the conversion of funds stolen from Drift using Circle’s CCTP protocol.


The Drift case reveals how vulnerable protocols are to the speed of cross-chain transfers and to the lack of immediate response procedures on the part of stablecoin issuers.
The community demands transparency and clear service level agreements (SLAs), warning that Circle’s silence in the face of these events erodes trust in the cryptocurrency ecosystem.
