Circle USDC CCTP alleged inaction during Drift hack

Published: 2026-04-02 00:52:44 |

On April 2, on-chain investigator ZachXBT alleged that Circle USDC failed to intervene during the Drift protocol hack. According to his X thread, attackers exploited the Drift exploit on Solana, drained funds, then bridged stolen USDC to Ethereum using Circle’s Cross-Chain Transfer Protocol (CCTP). ZachXBT claims Circle processed the cross-chain transfers without triggering pause or security controls, allowing the full theft to complete. A key comparison in the post highlights alleged inconsistent security responses. ZachXBT points to a prior action from March 26, when Circle reportedly froze 16 exchange-connected wallets for compliance reasons. He contrasts that with the Drift hack timeline, where he says Circle took no comparable action at the protocol level while CCTP moved funds. The article also reiterates how CCTP works: it burns USDC on the source chain and mints equivalent tokens on the destination chain via smart contracts. The claim is that the expected layers—contract verification, validation checks, monitoring, and emergency pause—did not stop the illicit flow. For traders, the headline risk is reputational and policy uncertainty around stablecoin infrastructure and cross-chain security. Circle USDC is central to many DeFi integrations, so questions about cross-chain monitoring gaps could weigh on sentiment toward bridges, stablecoin settlement rails, and any assets exposed to rapid cross-chain theft events.

Bearish

This story centers on allegations that Circle USDC did not halt CCTP processing during the Drift exploit, despite reportedly freezing exchange-connected wallets in a different context (Mar 26). That kind of “inconsistent response” narrative typically hits stablecoin-rail confidence and can spill over into bridge and cross-chain DeFi sentiment. In the short term, traders may prefer lower exposure to cross-chain risk (bridges, wrapped assets, and protocols relying heavily on USDC settlement) and expect higher volatility around stablecoin infrastructure headlines. In the longer term, if regulators or industry groups demand clearer security standards for stablecoin issuers and cross-chain monitoring, it could lead to compliance-driven changes—potentially reshaping integrations and liquidity flows. Comparable market behavior has appeared after major bridge incidents: when monitoring/pausing mechanisms are questioned, liquidity often shifts toward safer venues until issuers and protocol teams provide concrete technical clarifications and remediation timelines. Until Circle USDC addresses the claims, the tone is likely to remain cautious, which aligns with a bearish bias.