.png){kind=logo}
USDC Stablecoin issuer Circle is facing a class-action lawsuit following a $280 million Drift Protocol hack on April 1. The case emphasizes the growing scrutiny of centralized entities’ role in decentralized finance, particularly at the time of massive security breaches.
Attackers drained around $280 to $285 million of the Solana-based Drift Protocol in less than 12 minutes, according to court filings. The stolen funds were then transferred over an estimated eight-hour timeframe, where almost $230 million of USDC was moved from Solana to Ethereum through the Cross-Chain Transfer Protocol (CCTP) of Circle.
Filed in a district court in Massachusetts by an investor, Joshua McCollum, on behalf of more than 100 members, the lawsuit alleges that Circle did not intervene despite being in a position to freeze the funds.
“Circle permitted this criminal use of its technology and services,” attorneys representing McCollum wrote, adding “These losses would not have occurred, or would have been substantially reduced, had Circle taken timely action.”
The plaintiffs accuse Circle of conspiracy and negligence, claiming that the firm did nothing to stop illegal transfers from being executed. The complaint highlights that Circle had earlier frozen 16 wallets in a different civil case, which suggests that it can do what is needed.
Such alleged inconsistency is one of the key points of this case: If funds can be frozen under certain conditions, why did it not happen under one condition, how come it did not happen in the case of a massive exploit, which involved hundreds of investors?
To make the situation even more complex, Crypto analytics firm Elliptic suspects that the attack was carried out by North Korean state-backed hackers, who made over 100 transactions via Circle’s bridging technology, which is issued by the stablecoin company.
The attack caused a ripple effect in DeFi. The total value locked (TVL) of Drift reportedly decreased by approximately $550 million to less than $250 million, and at least 20 other protocols had indirect exposure losses. The site also halted deposits and withdrawals, which only increased the panic among investors.
Also Read: Major Bitcoin Depot Hack Exposes $3.6M Loss in SEC Filing
The situation highlights a more general conflict in crypto: should businesses interfere with decentralized systems? ARK Invest’s director of research for digital assets, Lorenzo Valentee, argued that Circle made the right decision by not freezing funds with any legal order.
He said, “Every future freeze is now a judgment call. Every non-freeze is a political statement. Why freeze the Drift hacker but not that sketchy Nigerian fraud wallet? Why this protester but not that one?”
