Circle Sued Over $280M Drift Protocol Hack: Plaintiffs Allege Deliberate Inaction
Circle, the prominent issuer behind the USDC stablecoin, is facing a significant lawsuit in Massachusetts. The legal action, tied to the audacious $280 million Drift Protocol hack that occurred on April 1, accuses Circle of failing to freeze stolen funds despite possessing the technical capability and contractual authority to intervene.
Drift Protocol Suffers Swift and Devastating Attack
The complaint, filed by plaintiffs represented by the law firm Gibbs Mura, details how attackers drained an estimated $280 million to $285 million from the Solana-based Drift Protocol in under 12 minutes. The stolen assets were subsequently moved from Solana to Ethereum over roughly eight hours, utilizing Circle's Cross-Chain Transfer Protocol (CCTP). This rapid siphoning caused Drift's total value locked (TVL) to sharply decline from approximately $550 million to less than $250 million, prompting an indefinite suspension of all deposits and withdrawals on the platform.
Allegations of Circle's Failure to Act
A key argument in the lawsuit is that Circle consciously chose not to freeze the illicitly transferred assets. Plaintiffs highlight an incident just nine days prior to the Drift attack, where Circle reportedly froze 16 unrelated business wallets. This earlier action, they contend, clearly demonstrates Circle's capacity and willingness to halt funds when it deems necessary. Despite this established precedent, the lawsuit alleges that Circle neglected to freeze the stolen USDC and other assets that were converted into USDC following the hack, thereby allowing attackers to offload up to $230 million onto the Ethereum blockchain via the very CCTP it operates.
