Investors hit by the $285 million Drift exploit are exploring potential claims against stablecoin issuer Circle for allegedly letting stolen USDC▲$0.9998 move freely.
Circle, the issuer of the second-largest stablecoin by market cap USDC, could face legal scrutiny after one of Solana’s largest DeFi hacks shook markets earlier this month.
In a Tuesday press release, April 7, law firm Gibbs Mura, A Law Group urged Drift users to explore a potential class action lawsuit after about $285 million was stolen on April 1 in what the exchange described as a targeted social-engineering attack.
The legal angle focuses on what Circle didn’t do after the theft. Per reports, much of the stolen funds were moved from Solana to Ethereum using Circle’s cross-chain system, which lets assets flow between different blockchains.
Moreover, a blockchain tracking account MLM specified in an X post that the largest share of the stolen assets was in USDC (over $60 million), followed by roughly $5.6 million in USDT▼$0.9989, $4.4 million in Wrapped Bitcoin, and other tokens.
Some in the crypto community noted that the stablecoin issuer had several hours to freeze the funds but took no action, despite having frozen unrelated wallets days earlier in a separate civil matter. The law firm wrote:
“Our attorneys are reviewing potential Drift investor claims against Circle Internet Financial for its alleged failure to act despite having the technical ability, contractual authority, and operational precedent to intervene.”
Gibbs Mura, A Law Group, has opened an investigation into whether Circle had the technical and contractual ability to intervene and whether failing to act could breach duties to users who rely on USDC.
What Happened to Drift
According to Drift’s post-mortem on April 5, hackers used a months-long social-engineering campaign, posing via intermediaries as a “quantitative trading firm” and building trust with Drift contributors in person. They even deposited over $1 million into Drift before the theft.
In other words, the attack took advantage of human errors and gaps in monitoring system, not flaws in the project’s code itself. Attackers reportedly gained pre-signed transaction approvals from the protocol’s 2-of-5 multisig system, which had also been mysteriously updated just days before the exploit.
Drift’s native token DRIFT has dropped over 37% since the incident. Analysts say the protocol’s annualized revenue is small relative to the loss, making recovery challenging. As of press time, Circle made no public statements on the matter.
