‘The Circle USDC Files’: ZachXBT Finds $420M In Suspect Transactions, Weak Oversight

bitcoinistPublished on 2026-04-04Last updated on 2026-04-04

Abstract

On-chain investigator ZachXBT's report, "The Circle USDC Files," alleges over $420 million in compliance failures by Circle related to its stablecoin USDC since 2022. The report claims Circle repeatedly failed to use its on-chain freezing and blacklist functions to halt stolen funds in high-profile DeFi exploits, despite having the contractual right and technical capability to do so. Notable cases include the April 2026 Drift Protocol hack ($280M) and the January 2026 SwapNet attack ($16M), where Circle allegedly delayed or refused freeze requests from law enforcement and analysts. Compared to other stablecoin issuers, Circle was significantly slower to act, taking months longer to freeze addresses in some instances. ZachXBT argues this pattern of inaction has caused nine-figure losses to the crypto ecosystem.

On-chain investigator ZachXBT has published a new report, titled “The Circle USDC Files,” alleging more than $420 million in compliance failures tied to the company’s USDC stablecoin since 2022.

The analysis, released on social media platform X on Friday, chronicles multiple high‐profile decentralized finance (DeFi) exploits in which Circle allegedly failed to use its on‐chain freezing and blacklist capabilities to halt the flow of stolen funds.

Alleged Inaction By Circle

Circle’s token contract includes an explicit freeze/blacklist function, and the company’s terms of service reserve the right to restrict access for suspected illicit actors “in its sole discretion.”

Yet, ZachXBT’s report claims that in many widely reported thefts and hacks, the issuer either delayed action or did not freeze funds at all, allowing attackers to move large sums across blockchains and convert them into other assets.

The report opens with the April 1, 2026, Drift Protocol exploit, in which the attacker drained roughly $280 million. According to ZachXBT, the thief used Circle’s Cross‐Chain Transfer Protocol (CCTP) to bridge more than 232 million USDC from Solana (SOL) to Ethereum (ETH) in over 100 transactions.

The incident had ripple effects across the Solana ecosystem, indirectly impacting more than 10 DeFi projects. Despite the funds moving through Circle’s native bridge for hours, the report says no USDC was frozen during the laundering.

ZachXBT also details a January 25, 2026, attack on SwapNet that resulted in $16 million being stolen. Roughly $3 million in USDC remained in the exploiter’s address for two days. Both law enforcement and private‐sector analysts reportedly submitted temporary freeze requests to Circle for that address, but Circle did not act.

Nine‐Figure Losses In Crypto Hacks

Among several other cases cited in the report, ZachXBT also points to broader, long‐running patterns. In April 2024, he published a separate investigation into the Lazarus Group laundering that traced funds from more than two dozen hacks being converted to fiat.

Law enforcement requested freezes from four stablecoin issuers — Circle, Tether, Paxos, and Techteryx — for two addresses tied to that investigation. The report claims the other three issuers acted quickly, while Circle took approximately 4.5 months longer to freeze the same addresses.

Taken together, ZachXBT says these cases — many of them public and high‐value — add up to nine‐figure losses to the crypto ecosystem caused by repeated inaction over a multi‐year period.

He stresses that the $420 million-plus figure covers only major public incidents and that the true total could be substantially higher. The overarching claim is that Circle possesses the contractual and technical tools to intervene, yet has not used them consistently or promptly, with concrete harm to victims and the broader community.

“They have every tool and resource available to do better. They just haven’t,” he writes, closing his report with a pointed question: who, exactly, is Circle serving?

The daily chart shows CRCL’s valuation at around $90 at the time of writing. Source: CRCL on TradingView.com

Featured image from OpenArt, chart from TradingView.com

Related Questions

QWhat is the main allegation in ZachXBT's report titled 'The Circle USDC Files'?

AThe report alleges more than $420 million in compliance failures tied to Circle's USDC stablecoin since 2022, claiming the company failed to use its on-chain freezing and blacklist capabilities to halt the flow of stolen funds in multiple high-profile DeFi exploits.

QAccording to the report, what specific tool did Circle allegedly fail to use effectively in the Drift Protocol exploit?

ACircle allegedly failed to use its on-chain freeze/blacklist function and its Cross-Chain Transfer Protocol (CCTP) to stop the attacker from bridging over 232 million USDC from Solana to Ethereum in over 100 transactions, despite the funds moving for hours.

QHow did Circle's response time to a law enforcement freeze request compare to other stablecoin issuers in the Lazarus Group case?

AThe report claims that while Tether, Paxos, and Techteryx acted quickly on the law enforcement request, Circle took approximately 4.5 months longer to freeze the addresses tied to the investigation.

QWhat does ZachXBT suggest is the total financial impact of Circle's alleged inaction?

AZachXBT states that the cases add up to nine-figure losses (over $100 million) to the crypto ecosystem, with the $420 million-plus figure covering only major public incidents, and the true total potentially being substantially higher.

QWhat contractual right does Circle's Terms of Service reserve regarding suspected illicit actors?

ACircle's Terms of Service reserve the right to restrict access for suspected illicit actors 'in its sole discretion,' granting the company the authority to freeze or blacklist addresses.

Related Reads

South Korean Exchanges 'Battle' Regulators, Challenging the Boundaries of Enforcement and Legislation

South Korea's cryptocurrency industry is engaged in a rare, direct confrontation with regulators. The Financial Intelligence Unit (FIU), the primary anti-money laundering (AML) watchdog, has recently imposed heavy penalties on major exchanges like Upbit and Bithumb for alleged violations involving unregistered overseas VASPs and AML procedures. However, exchanges are now actively challenging these actions in court and through industry associations. In a significant shift, the Seoul Administrative Court ruled in favor of Upbit's operator, Dunamu, overturning part of an FIU-ordered business suspension. The court found the FIU's penalty criteria and justification insufficiently clear. Similarly, the court suspended the enforcement of a six-month business suspension against Bithumb pending a final ruling, citing potential irreversible harm to the exchange. Beyond legal battles, the industry is contesting proposed legislative amendments. The Digital Asset eXchange Alliance (DAXA) strongly opposes a draft rule that would mandate Suspicious Transaction Reports (STRs) for all crypto transfers over 10 million KRW (~$6,800). DAXA argues this "poison pill" clause violates legal principles and would overwhelm the STR system, increasing reports from 63,000 to an estimated 5.45 million annually for major exchanges, thereby crippling effective AML monitoring. This conflict highlights a structural tension in South Korea's crypto governance: comprehensive digital asset laws are still developing, while regulators rely heavily on AML enforcement. The industry's move from passive compliance to active legal and legislative challenges signifies a new phase, pressing for clearer rules and more proportionate enforcement. While short-term disputes may intensify, this clash could ultimately lead to a more mature and sustainable regulatory framework for South Korea's vibrant crypto market.

marsbit9m ago

South Korean Exchanges 'Battle' Regulators, Challenging the Boundaries of Enforcement and Legislation

marsbit9m ago

Earnings Report, CLARITY Bill, and Warsh's Arrival: CRCL Faces Three Major Tests This Week

Circle (CRCL) faces three major tests this week that will significantly impact its stock price and valuation. First, on May 11, it will release its Q1 2026 earnings. Key metrics to watch are overall revenue and EPS, the proportion of revenue paid to distributors like Coinbase, and growth in non-interest income. The market also awaits Circle's stance on renegotiating its revenue-sharing contract with Coinbase, which expires in August. Second, on May 14, the U.S. Senate Banking Committee will vote on the CLARITY Act. This bill aims to establish a clear federal regulatory framework for digital assets. A recent compromise proposal would ban yield on static stablecoin reserves but allow rewards for active ones. Its passage, currently seen as likely by prediction markets, would be a major positive for the industry and Circle. Finally, on May 15, Kevin Warsh will succeed Jerome Powell as Federal Reserve Chair. Warsh's proposed policy of quantitative tightening combined with interest rate cuts could pose a short-term headwind for CRCL, as lower rates reduce Circle's primary revenue from USDC reserves. However, long-term prospects may improve as Warsh, a known crypto investor who opposes a Fed CBDC, is seen as potentially favorable to regulated private stablecoins like USDC.

marsbit15m ago

Earnings Report, CLARITY Bill, and Warsh's Arrival: CRCL Faces Three Major Tests This Week

marsbit15m ago

After 50x Storage Surge, Justin Sun Always Looks to the Next Decade

Sun Yuchen, known for his controversial stunts like a $30 million lunch with Warren Buffett (canceled due to a kidney stone) and eating a $6.2 million duct-taped banana, is often overshadowed by a significant fact: his decade-long track record of spotting major investment trends. In 2016, he famously advised young people to invest in Bitcoin, Nvidia, Tesla, and Tencent instead of buying property. A hypothetical $20,000 investment in Nvidia and Tesla from that list would now be worth over 50 million RMB. His latest major call was on November 6, 2025, predicting a "50x storage opportunity" tied to the AI boom, which materialized with Sandisk's stock surging nearly 50-fold by 2026. Looking ahead, Sun now focuses on the next frontier: Physical AI. He identifies four key areas: 1. **Embodied AI/Robotics**: He sees this reaching its "iPhone moment," with companies like UBTech and Galaxy General leading in commercialization. 2. **Drones**: Viewed as the first commercially viable form of Physical AI, revolutionizing sectors from warfare (e.g., AeroVironment's Switchblade) to logistics. 3. **Spatial Computing**: Beyond VR, it's about AI understanding physical space, a foundational technology for robotics and autonomous systems, exemplified by Apple's Vision Pro. 4. **Space Exploration**: After a 2025 suborbital flight with Blue Origin, Sun advocates for space as the ultimate frontier, discussing blockchain's potential role in space asset management and data transactions. His investment philosophy involves betting on entire, inevitable trends rather than single companies. For robotics, he sees Tesla (the body/manufacturer) and Nvidia (the brain/AI platform) as complementary plays. In defense drones, he highlights companies making tanks obsolete (AeroVironment) and those augmenting fighter jets (Kratos). For space, he participated in Blue Origin's flight and anticipates SpaceX's potential IPO to redefine the sector's valuation. Sun Yuchen's vision frames the next two decades not as a revolution in information flow (like the internet), but in the fundamental operation of the physical world through AI-powered robots, autonomous systems, and spatial intelligence, ultimately extending human and AI activity into space. While many still focus on conventional assets, he continues to look toward the next technological horizon.

marsbit1h ago

After 50x Storage Surge, Justin Sun Always Looks to the Next Decade

marsbit1h ago

The Billionaires Behind the Most Expensive Midterm Election in History

"The Most Expensive Midterm Elections and Their Billionaire Backers" This analysis details the unprecedented scale of spending in the 2026 midterm elections, highlighting the key billionaire donors shaping the political landscape. Jeff Yass, founder of Susquehanna International Group, has contributed over $81 million, ranking third among individual donors behind George Soros ($102.6M) and Elon Musk ($84.8M). Yass is a major donor to Trump's MAGA Inc. and supports school choice and various candidates. Overall, federal committees have raised over $4.7 billion this cycle, with political ad spending projected to reach $10.8 billion. Republican-aligned groups are significantly out-raising their Democratic counterparts. "Dark money" from undisclosed sources continues to grow. The core stakes involve control of Congress and policy direction for Trump's final term. Donors are also motivated by specific issues: Sergey Brin and Chris Larsen are funding opposition to a proposed California wealth tax and supporting crypto-friendly policies. Other top donors include OpenAI's Greg Brockman and his wife Anna ($50M total to MAGA Inc. and an AI-focused PAC), Richard Uihlein ($45.3M to conservative causes), venture capitalists Marc Andreessen and Ben Horowitz (each over $44M to crypto/AI PACs and MAGA Inc.), Miriam Adelson ($42.6M to GOP leadership PACs), Paul Singer ($33.9M), and Diane Hendricks ($25.8M to MAGA Inc.). The article notes that the peak fundraising period is still ahead, with major primaries approaching.

marsbit1h ago

The Billionaires Behind the Most Expensive Midterm Election in History

marsbit1h ago

The Largest IPO in History Is Approaching, Surpassing SpaceX, 28 Years of AI Self-Iteration, Countdown to Intelligence Explosion

"Anthropic Nears Trillion-Dollar IPO, Fueled by Explosive Growth and 2028 'Intelligence Explosion' Warning Anthropic is considering a deal valuing the AI company near $1 trillion, potentially leading to one of the largest IPOs ever and surpassing SpaceX. Its revenue has skyrocketed, with Annual Recurring Revenue (ARR) reaching $45 billion in May 2026—a 500% increase in just five months. This vertical growth curve is attributed to its key products, Claude Code and Cowork, dominating AI coding and enterprise collaboration. Beyond commercial success, co-founder Jack Clark issued a pivotal warning in an interview: there is a greater than 50% chance that by the end of 2028, AI systems will achieve recursive self-improvement—the ability to autonomously build a 'better version' of themselves, initiating an 'intelligence explosion.' This prophecy underpins the company's astronomical valuation, as the market prices in the potential for transformative and disruptive AI. Further signaling its ambition, Anthropic formed a $1.5 billion joint venture with Goldman Sachs and Blackstone, aiming to disrupt traditional consulting firms like McKinsey by deploying Claude AI for complex strategic work. This move tests AI's capacity to replace high-level cognitive labor, a precursor to its predicted autonomous evolution. The narrative presents a dual future: unprecedented economic opportunity alongside significant risks like economic restructuring and security threats. Anthropic's meteoric rise and Clark's 2028 prediction frame the coming years as a countdown to a potential technological singularity."

marsbit1h ago

The Largest IPO in History Is Approaching, Surpassing SpaceX, 28 Years of AI Self-Iteration, Countdown to Intelligence Explosion

marsbit1h ago

Trading

Spot
Futures
活动图片