hodler

17 Apr 2026, 21:11

Analyst Defends Circle’s No-Freeze Stance on $280M Drift Hack Funds

The bad press facing stablecoin issuer Circle, following the $280 million exploit on the Solana trading protocol Drift, has gone up a notch after a California-based legal group filed a class action lawsuit against it, alleging it stood by while North Korea-linked hackers moved millions in stolen USDC through the firm’s own bridge, making it liable for investor losses from the attack. However, an analyst just made a case that Circle’s hands-off approach wasn’t negligence but rather the only way it could preserve the foundational principles that make USDC viable for institutional use. Why Freezing the Funds Would Have Been Worse Responding to a wave of anger aimed at Circle and its CEO, Jeremy Allaire, Lorenzo Valente, the director of research at ARK Invest, claimed that had the company frozen the stolen USDC without a legal order, then the stablecoin would have become “whatever Circle feels like that day.” According to him, there are several reasons why Circle’s inaction was the more sound path, with the first being that the incident was a “market/oracle exploit” and not a straightforward theft. This means it occupied a gray zone that includes aggressive but legal trading strategies, and having Circle decide which trades cross the line, in his opinion, can create a system with “no lawyers, no hearing, no appeal, just Circle vibes.” Valente also warned of contagion effects, where, if stablecoin issuers freeze funds based on their own judgment, then that permission structure would spread across the entire stack and would see bridges reversing transfers, DEXs blacklisting routers, wallets blocking transactions, and oracles tweaking price feeds at will. “The whole point of permissionless onchain finance is that none of these actors get to play judge,” he wrote. Thirdly, the analyst explained that due process functions as a product feature rather than a limitation. “The reason institutions build on USDC is because Circle can’t wake up and zero out your balance,” he said, suggesting that a stablecoin that can fold to social media pressure can then be easily swayed into action by any sufficiently loud voice. There is also the legal risk that the analyst feels nobody seems to want to discuss. Hackers move money fast. Within minutes, innocent liquidity providers and market makers end up holding tokens that passed through a mixer or a bridge. And if they freeze too aggressively, platforms like Circle may end up doing what could constitute theft from people who had nothing to do with the original crime. In this way, they risk facing lawsuits from downstream counterparties. Finally, Valente decried the lack of consistency, calling out popular on-chain investigator ZachXBT, who he said had gone after Circle on multiple occasions for freezing wallets without explanation, including more than 16 business-linked addresses just days before the Drift incident. Now, the same critic wants Circle to freeze faster. “You can’t have it both ways,” wrote the ARK researcher. “Either Circle uses broad discretion (and you don’t get to complain when they freeze something you like), or they only act under legal order.” The lawsuit against Circle was filed by Gibbs Mura, with Jacob Robinson, a legal commentator on X, calling their allegations “dangerous, precedent-setting.” One claim is that Circle aided and abetted hackers simply by letting them use the Cross-Chain Transfer Protocol. Another is that Circle had an affirmative duty to recognize the harm and freeze assets. Robinson doubts the suit succeeds, but noted that if it did, the risk could extend to anyone operating a bridge. Drift Moves on With Tether While Circle defends its choices in court and on social media, Drift Protocol is not waiting around. The project announced a collaboration with Tether totaling nearly $150 million. The plan centers on a relaunch where USDT replaces USDC for settlements. A $100 million revenue-linked credit facility, ecosystem grants, and loans to market makers will fund a recovery pool for affected users. However, Circle’s Allaire had already laid out the company’s position during an April 13 press conference in Seoul. It only acts when the law requires it, he said. The company does not get to step away from legal obligations to make judgment calls, even when the moral calculus feels obvious. The post Analyst Defends Circle’s No-Freeze Stance on $280M Drift Hack Funds appeared first on CryptoPotato .

17 Apr 2026, 19:32

Rhea Finance revises exploit losses to $18.4M, confirms slippage flaw as funds partially recovered

Rhea Finance confirms an $18.4M exploit tied to a slippage flaw, with recovery efforts already underway.

17 Apr 2026, 18:43

Russia-linked exchanges Grinex and TokenSpot targeted in suspected coordinated hack

At least one more Russia-linked crypto exchange has been hit in the billion-ruble hack of the sanctioned Kyrgyzstan-registered Grinex, blockchain analyses showed. Reports of the coinciding incidents sparked suspicions that the cyberattacks may have been coordinated and carried out by intelligence services rather than hacking groups. Kyrgyz crypto exchange TokenSpot also suffers breach Russia has been allegedly using a number of cryptocurrency platforms incorporated in allied states like Kyrgyzstan to bypass financial restrictions imposed over its war in Ukraine. The best known among them, the Grinex exchange, was hacked this week, losing well over a billion rubles’ worth of cryptocurrency, almost $15 million to be precise. And it wasn’t alone. Blockchain forensics firms quickly tracked the stolen crypto, mostly USDT on Tron, which was eventually converted via the decentralized platform SunSwap to Tron tokens (TRX), nearly 46 million of them, and deposited to a single address. According to a TRM Labs report , another Kyrgyz crypto trading service, TokenSpot, believed to be connected to Grinex, was also affected. Its analysts found out that a smaller amount of digital money, less than $5,000 in value, was sent to the same consolidation wallet used in the big hack. On Wednesday, the day Grinex halted trading, TokenSpot took to Telegram to inform users of an ongoing maintenance period, with operations resuming the following day, TRM said Thursday. While Grinex identified 54 addresses associated with the attack, TRM Labs found another 16, some of which were also used to transfer funds from TokenSpot. The latter is registered in Kyrgyzstan but serves predominantly Russian customers and supports ruble transactions, the business news outlet RBC reported on Friday. In a Telegram post , the Russian company SHARD, a provider of anti-money laundering and know your customer services, remarked: “According to on-chain analysis, it is likely that not only the Grinex exchange, but another service, also located in Moscow City, fell victim to these same attackers.” The Kyrgyzstan-based Grinex, successor of the Russian exchange Garantex , which was shut down in a U.S.-led effort last year, has an office in the same business center in Russia’s capital. After registering the hack and suspending all operations, Grinex contacted law enforcement authorities and shared the collected data for further investigation. The crypto trading venue alleged it had been “subjected to a large-scale cyberattack with indications of involvement by foreign intelligence agencies” and highlighted: “The digital footprint and nature of the attack indicate an unprecedented level of resources and technology, available only to entities of hostile states.” “According to preliminary data, the attack was coordinated with the aim of directly harming Russia’s financial sovereignty,” the exchange also said. Was Grinex hit by regular hackers or Western spies? Grinex’s assertion has not been supported by official statements so far, but it sparked discussions in the Russian crypto space, with views supporting both scenarios. SHARD commented that the exchange’s actions seem motivated by a desire to protect funds from being blocked by the issuer. When its predecessor, Garantex, was taken offline in early 2025, Tether froze $27 million worth of USDT on its platform. “This indicates an economic rather than political nature of the target, and it is possible that the hack is not connected to foreign intelligence services,” the company elaborated. AML specialists at CoinKit concluded that since the attackers emptied the exchange’s wallets in about five minutes, the attack was pre-planned and executed automatically. The analysts said the scheme has been observed in most major exchange hacks in the past couple of years and does not require access to government resources. “The nature of the transactions does not match the signature of elite hacker groups working for governments,” the BitOK compliance platform agreed. However, it also noted that Grinex is sanctioned by the U.S., the EU, and the U.K., which turns it into a “legitimate target” for Western intelligence and pointed out: “There are historical precedents. In 2025, the Iranian exchange Nobitex lost $90 million as a result of an attack by a group linked to Israel. The Russia-linked cryptocurrency exchange has processed over $93 billion in transactions using the ruble-pegged stablecoin A7A5 . Entities linked to the digital currencies, most notably the Kyrgyzstan-registered firm Old Vector, which is currently issuing it, are also sanctioned by the West. If you're reading this, you’re already ahead. Stay there with our newsletter .

17 Apr 2026, 16:47

US Government Moves Bitcoin Tied to $9 Billion Bitfinex Hack

The U.S. government moved 8.2 Bitcoin, or greater than $600,000, that is linked to the $9 billion Bitfinex hack from 2016.

17 Apr 2026, 15:30

Crypto Shockwave: Circle Sued As $280 Million Drift Hack Unravels

North Korean hackers likely pocketed hundreds of millions in stolen crypto — and now a US court is being asked to decide whether a stablecoin giant should have stopped them. Circle’s Own Track Record Becomes A Key Weapon A class action lawsuit filed in a Massachusetts federal court this week names Circle Internet Group as the defendant, with plaintiffs arguing the company had both the means and the opportunity to stop roughly $280 million in stolen USDC from moving across blockchains — and did nothing. The case was brought by Drift Protocol investor Joshua McCollum, representing more than 100 affected members. Their attorneys put it plainly: Circle allowed criminal use of its own technology. The April 1 attack on Drift Protocol saw attackers drain funds and route them from Solana to Ethereum using Circle’s Cross-Chain Transfer Protocol, a bridging tool the company operates. The transfers happened over several hours, according to reports. The window was wide open. What makes the lawsuit particularly pointed is what happened just days before the hack. About a week prior, Circle froze 16 USDC wallets tied to a sealed US civil case. Plaintiffs seized on that detail. If Circle could move fast for a court-adjacent matter, they argue, it could have acted here too. That single fact sits at the center of the legal fight. I hope there’s some precedent set. Either you’re a decentralized protocol and literally do not have the power to freeze or you’re not and you should be freezing hacked funds. This middle ground hand wavy “only with a court order” stuff is weak. Misses the forest for the trees https://t.co/TqzOYKZOvm — James Seyffart (@JSeyff) April 16, 2026 Accusations Range From Negligence To Aiding The Crime The suit carries two main charges: negligence and aiding and abetting conversion — a legal term for helping someone unlawfully take another person’s property. The law firm Mira Gibb is handling the case for McCollum and the other Drift investors. Damages have not yet been set and will be determined at trial. Circle has not responded to requests for comment. Crypto analytics firm Elliptic flagged the attack as the work of North Korean state-backed operatives. Based on Elliptic’s analysis, the hackers executed more than 100 transactions through Circle’s bridging infrastructure during regular US business hours. After moving the funds to Ethereum, the stolen assets were converted and pushed through Tornado Cash, a privacy protocol used to obscure transaction trails. ARK Invest Defends Circle, But The Moral Stakes Remain High Not everyone is pointing fingers at Circle. Lorenzo Valente, ARK Invest’s director of digital asset research, argued that Circle made the right call by not acting without a legal order. His concern: give a company like Circle the power to freeze funds on judgment alone, and every decision becomes political. He questioned aloud where the line would be drawn — between a North Korean hacker and a suspicious wallet elsewhere in the world. Featured image from B&G Lawyers, chart from TradingView

17 Apr 2026, 11:32

Us government moves $606,470 in bitcoin linked to bitfinex hack

🟠 US government shifted $606,470 in $BTC tied to the Bitfinex hack. All 8,196 BTC went to Coinbase Prime as part of a legal process. Continue Reading: Us government moves $606,470 in bitcoin linked to bitfinex hack The post Us government moves $606,470 in bitcoin linked to bitfinex hack appeared first on COINTURK NEWS .