- Circle’s delayed USDC freezes contributed to over $420M lost across multiple hacks.
- High-profile thefts reveal gaps in Circle’s compliance compared to peers like Tether.
- DPRK-linked addresses exploited inaction, raising serious national security concerns.
Circle, the issuer of USDC, faces growing questions about its compliance practices after a series of high-profile thefts. According to blockchain researcher ZachXBT, over $420 million in public losses have occurred since 2022 due to alleged inaction on illicit USDC transactions.
The incidents span multiple chains and involve law enforcement and private-sector freeze requests that were largely ignored or delayed.
USDC Freeze Delays Raise Compliance Questions
USDC is a centralized stablecoin pegged 1:1 to the U.S. dollar and marketed as fully regulated. The token’s contract allows Circle to freeze funds or blacklist addresses, and its terms of service explicitly permit action against suspected illicit actors.
Despite these safeguards, several cases show delayed responses when stolen funds were held in the USDC. In multiple incidents, attackers were able to bridge, swap, or move funds before any freeze action occurred.
High-Profile Hacks Highlight Gaps
On April 1, 2026, Drift Protocol lost $280 million after an exploiter bridged 232 million USDC from Solana to Ethereum using CCTP. Despite the funds moving through Circle’s infrastructure over several hours, no freeze was executed.
Similarly, SwapNet lost $16 million in January 2026, yet USDC remained unblocked despite law enforcement and private requests. Other incidents include Cetus Protocol ($223 million), Mango Markets ($110 million), and Nomad Bridge ($190 million), each demonstrating delays or inaction.
The trend continues across smaller cases. In December 2023, a Ledger supply chain attack left $600,000 in USDC exposed for over three hours.
In October 2024, Radiant Capital suffered a $58 million theft, with USDC remaining in exploiter addresses for hours. Each example shows Circle often lagging behind other stablecoin issuers, including Tether and Paxos, which acted faster on comparable thefts.
Compliance and Community Concerns
Besides delayed action, Circle’s handling raises broader questions about who it serves. The company has every tool and regulatory backing to act decisively, yet repeated delays have allowed nine-figure losses.
ZachXBT’s research also linked some exploiter addresses to DPRK-associated networks, raising national security concerns. The findings highlight risks tied to delayed compliance actions, especially when sanctioned entities may be involved.
With USDC widely used across DeFi protocols and cross-chain bridges, response times to illicit activity remain critical. The report adds pressure on Circle to demonstrate faster enforcement and stronger compliance controls as stablecoin scrutiny increases globally.
Related: What Happens to Oil, Stocks, and Bitcoin When the Strait of Hormuz Reopens?
Disclaimer: The information presented in this article is for informational and educational purposes only. The article does not constitute financial advice or advice of any kind. Coin Edition is not responsible for any losses incurred as a result of the utilization of content, products, or services mentioned. Readers are advised to exercise caution before taking any action related to the company.
