Circle Snoozes While Hackers Dance with $280M – ZachXBT Calls Out CEO Allaire

Once again, the self-proclaimed blockchain watchdog, ZachXBT, has taken aim at Circle and its CEO, Jeremy Allaire, for their apparent nap during the $280 million heist tied to Drift Protocol.

In his usual dramatic flair, ZachXBT blasted the company’s delay in responding while hackers gleefully moved funds across blockchains. A casual day in the crypto world, apparently.

Circle Under Fire

Posting on X, ZachXBT didn’t mince words, accusing the stablecoin giant of being “asleep” while millions in USDC were shifted from Solana to Ethereum. And not just a few transactions: around 100. He sarcastically noted that “value was moved and nothing was done.” It’s almost like Circle wasn’t even aware that $280 million was getting a free ride. In a different post, he referred to the recent freezing of 16 business wallets as “competence,” or rather, the lack of it. And, of course, he called Circle’s behavior “incompetent” and labeled the firm and Allaire as “bad actors for the industry.” Well, well, well.

The world of crypto was abuzz with the question: could a quicker response have stopped the endless stream of funds moving around during the hack? After all, the money seemed to flow without interruption for hours. Timing is everything, right?

Meanwhile, Drift Protocol came forward with its own take on the incident, claiming it wasn’t their fault, and certainly not the fault of their well-written smart contracts. Oh no, this was a “highly coordinated and sophisticated attack” involving a “novel attack” (fancy word for clever trickery) that used durable nonces. This allowed the attacker to sign transactions ahead of time and execute them later, because who wouldn’t want to plan their heist like a seasoned professional?

The attacker breezed past real-time detection systems, gaining control over Drift’s Security Council permissions with ease. No code vulnerabilities here, folks, just a solid dose of social engineering. The result? The hacker got their hands on 2-of-5 multisig approvals, pulled off a swift admin transfer, and then added some malicious assets. Oh, and they removed withdrawal limits, just in case. The audacity!

Drift Hack Timeline

Drift’s own timeline shows the attack had been brewing for weeks. Starting on March 23, the attacker set up durable nonce accounts tied to legitimate multisig members and their own wallets. The preparations continued through March 27 and 30, with a multisig migration and more nonce activity. Finally, on April 1, the plan was set into motion, with pre-signed transactions executing just after a legitimate test transaction. Who said hackers don’t plan ahead?
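The two on-chain stages in that timeline, nonce-account setup and the later landing of pre-signed transactions, are both visible to a monitor that watches multisig member keys. The sketch below is an added example, not Drift's tooling or anything from the original article; it assumes transactions in the shape returned by Solana RPC `getTransaction` with `jsonParsed` encoding, and every pubkey, signature and helper name in it is a constructed placeholder.

```python
# Added example, not Drift's tooling. Input shape: Solana RPC getTransaction
# responses with "jsonParsed" encoding. All keys and signatures are constructed.
SYSTEM_PROGRAM = "11111111111111111111111111111111"

def _system_ix(ix):
    """Return (type, info) for a parsed System Program instruction, else (None, {})."""
    parsed = ix.get("parsed")
    if ix.get("programId") == SYSTEM_PROGRAM and isinstance(parsed, dict):
        return parsed.get("type"), parsed.get("info", {})
    return None, {}

def review(tx, watched):
    """Findings for one transaction; `watched` is the set of multisig member pubkeys."""
    msg = tx["transaction"]["message"]
    sig = tx["transaction"]["signatures"][0]
    signers = {k["pubkey"] for k in msg["accountKeys"] if k.get("signer")}
    member_signed = bool(signers & watched)
    findings = []
    for pos, ix in enumerate(msg["instructions"]):
        kind, info = _system_ix(ix)
        # Preparation: a nonce account is set up by, or under the authority of, a member.
        if kind == "initializeNonce" and (member_signed or info.get("nonceAuthority") in watched):
            findings.append((sig, "nonce-setup", info.get("nonceAccount")))
        # Execution: a durable-nonce transaction carries advanceNonce as instruction 0,
        # so a member signature on it may have been collected long before it landed.
        elif kind == "advanceNonce" and pos == 0 and member_signed:
            findings.append((sig, "presigned-execution", info.get("nonceAccount")))
    return findings

def _tx(sig, signers, instructions):
    """Build a constructed transaction in the jsonParsed shape."""
    keys = [{"pubkey": s, "signer": True} for s in signers]
    return {"transaction": {"signatures": [sig],
                            "message": {"accountKeys": keys, "instructions": instructions}}}

def _sys(kind, **info):
    return {"programId": SYSTEM_PROGRAM, "parsed": {"type": kind, "info": info}}

OTHER = {"programId": "MULTISIG_PROGRAM_PLACEHOLDER", "accounts": [], "data": ""}
WATCHED = {"MEMBER_1", "MEMBER_2"}
SAMPLE = [
    _tx("SIG_A", ["WALLET_X"], [_sys("initializeNonce", nonceAccount="NONCE_1", nonceAuthority="MEMBER_1")]),
    _tx("SIG_B", ["MEMBER_2"], [OTHER]),  # ordinary recent-blockhash transaction
    _tx("SIG_C", ["WALLET_Y"], [_sys("advanceNonce", nonceAccount="NONCE_9", nonceAuthority="WALLET_Y"), OTHER]),
    _tx("SIG_D", ["WALLET_X", "MEMBER_1"], [_sys("advanceNonce", nonceAccount="NONCE_1", nonceAuthority="WALLET_X"), OTHER]),
]

def scan(txs=SAMPLE, watched=WATCHED):
    return [f for tx in txs for f in review(tx, watched)]
```

A `nonce-setup` finding weeks ahead of any governance action is the early signal here; by the time `presigned-execution` fires, the member's signature is already in use.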

In a bid to regain some credibility, Drift froze the remaining protocol functions, kicked the compromised wallet from the multisig, and started working with security firms, exchanges, and law enforcement to track down the stolen assets. At least someone’s doing something, just a few weeks too late.

2026-04-03 00:33