Circle Faces Lawsuit After Drift Exploit Over Claims It Took No Action to Freeze the Funds

Key points to remember:

Circle faces claims it failed to freeze stolen USDC after Drift Protocol exploit.
Drift suffered heavy losses, which hurt him Challenge feeling and growing pressure on crypto infrastructure.
Courts could redefine issuers’ obligations as the Circle case progresses.

Table of Contents

The Circle trial puts Stablecoins Monitored controls

Cryptocurrency Markets are facing sharper questions over legal liability after major exploits exposed weaknesses beyond the hacked platform itself. A class action lawsuit filed April 14 focuses on whether Circle Internet Financial had a duty to act after the April 1 Drift Protocol. infringe. The lawsuit focuses on alleged failures related to USDC and Circle’s Cross-Chain Transfer Protocol (CCTP) during the movement of the stolen funds.

Rather than focusing on how the exploit began, the complaint targets what allegedly happened after the theft. Gibbs Mura, A Law Group, which filed the complaint, said:

“The lawsuit accuses Circle Internet Financial of knowingly allowing the attackers, apparently linked to the North Korean government, to dump $230 million of their loot over several hours using Circle’s own network. stable coin USDC and its blockchain fill the CCTP, instead of freezing the funds.

This allegation places Circle’s infrastructure at the center of the dispute. It also examines the question of whether the technical control of stable coin flows and bridging activities can create legal exposure during an active hack. The lawsuit was filed on April 14 and is in its early stages.

Circle addressed the situation on April 10, emphasizing the legal limits on freezing funds and its broader compliance obligations. In a released statement, the company emphasized: “When Circle freezes USDC, it is not because we have decided, unilaterally or arbitrarily, that someone’s assets should be taken away. It is because the law requires us to act.” The company maintained that USDC operates within established regulatory frameworks, meaning that any intervention must be authorized by the relevant legal authorities. He also highlighted the gap between available technical capabilities and current legal structures, saying faster coordinated responses would require regulatory changes rather than unilateral action by issuers.

Drift collapse increases pressure everywhere Challenge

Drift Protocol, a protocol based on Solana decentralized exchangewas compromised by pre-signed administrative transactions prepared weeks in advance. Attackers then executed these permissions to take governance control and drain funds. The exploit cost an estimated $286 million in just a few minutes, with the attackers allegedly using fake collateral, durable casual accounts, and social engineering linked to protocol signatories. This violation also follows the removal of a temporal protection a few days earlier, which generally delays administrative actions.

Separately, Tether moved to stabilize the situation with a $150 million support plan following the exploit. This response highlights how stable coin issuers may intervene differently during crisis events, offering liquidity or support rather than restrict flows.

The law firm said Drift’s total blocked value fell from about $550 million to less than $250 million after the attack. He also noted at least 20 other Challenge protocols reported indirect losses from drift exposure, while the DRIFT token declined by over 40%. The case could become an important test of how courts view the responsibilities of crypto infrastructure providers after high-value breaches. The law firm noted:

“After the exploit, the attackers reportedly recovered more than $230 million worth of USDC stolen from Solana to Ethereum using Circle’s own infrastructure – over 100 transactions over eight hours. Circle would not have taken any action to freeze the funds, even though it had the technical and contractual authority to do so.

This claim could shape the debate over whether issuers and bridges are passive service providers or active control points in a crisis. For now, the lawsuit remains ongoing and its early status means the allegations have not been tested in court.