ZachXBT Calls Out Circle for Inaction on Illicit USDC Activity

Blockchain investigator ZachXBT called out Circle on X today over how it handled cases of illicit activity involving its stablecoin, USDC. 

In a long post, ZachXBT said there have been over $420 million in alleged compliance failures since 2022, with at least 15 cases where the company took little or no action, even though it had the power to stop the funds.

ZachXBT noted the stolen USDC could have been frozen 

ZachXBT explained that USDC is a centralized stablecoin, meaning it is controlled by Circle and designed to stay equal to the US dollar at a 1:1 rate. Because of this control, Circle can freeze or block wallet addresses linked to crime.

He also pointed out that the token contract already includes a freeze and blacklist function and that the company’s rules say it can restrict access to funds when it suspects illegal activity. Even with this setup, he shared lots of cases where action was delayed or not taken at all.

“Its token contract includes a freeze/blacklist function, and its terms of service explicitly state it reserves the right to restrict access for suspected illicit actors ‘in its sole discretion,’” he said. 

High-profile hacks highlighted by ZachXBT

One case he shared was the recent Drift Protocol that happened in April 2026, where the platform was exploited for $280 million. The attacker moved more than $230 million in USDC from the Solana blockchain to Ethereum using Circle’s Cross-Chain Transfer Protocol. This process, known as bridging, allows funds to be transferred between different blockchains. 

According to ZachXBT, the attacker carried out over 100 transactions across a six-hour period. He said, “6 hours is how long Circle had to freeze stolen funds from the $280M+ Drift hack,” but nothing was done during that time. 

He added, “10+ additional DeFi protocols across the Solana ecosystem were indirectly impacted.” The attacker was later linked to North Korea by blockchain analytics firm Elliptic.

Another case he mentioned was SwapNet, which happened on January 25, 2026. About $16 million was stolen during this hack. ZachXBT reported that approximately $3 million in USDC remained in the exploiter’s wallet for two days. 

During that time, requests were sent to Circle by law enforcement and other experts asking them to freeze the funds, but “both were unsuccessful.”

He added that one victim even tried to get a court order in New York, but “the funds were swapped hours before the TRO was granted,” meaning the funds were already moved before the legal action could stop it.

He also referenced a May 22, 2025, exploit involving Cetus Protocol, where $223 million was stolen. In that case, the attacker bridged $61 million in USDC from the Sui blockchain to Ethereum across more than 60 transactions within about 1.5 hours. 

ZachXBT stated that both the Cetus team and private sector experts requested Circle to freeze the theft address, but the company “blacklisted the address one month later, after the USDC had already been converted to ETH.”

Other similar cases mentioned

ZachXBT didn’t stop there. He went on to mention other similar cases where Circle failed to act quickly, including the Mango Market Hack in 2022, where about $110 million was exploited, as well as Nomad Bridge, which lost $190 million in the same year, GMX’s $40 million loss in 2025, Remitano’s $8.5 million hack in 2023, and many more.

“History has shown that Circle is a bad actor… Why should anyone continue building on $USDC when you never take care of your users’ funds?” he wrote in a post during the SwapNet attack.

At the time of this writing, Circle has not responded to these allegations. However, the crypto space appears to have taken note of these incidents as well. 

Also Read: Drift’s $230M Hack Looks Like Bybit All Over Again: Ledger CTO

Follow The Crypto Times on Google News to Stay Updated!