Stablecoin issuer Circle is as soon as once more going through harsh criticism for its failure to dam stolen funds in a well timed method. Over $3 million value of USDC stolen from SwapNet customers remains to be sitting in a Basescan deal with, but to be frozen.
An impartial blockchain investigator who goes by the title “Tanuki42” on X tagged Circle and its CEO, asking whether or not they’re ready for a “court order to ‘prove’ something which is entirely publicly verifiable on-chain?”
Fellow crypto sleuth ZachXBT additionally pitched in, calling Circle a “bad actor.” He asks, “Why should anyone continue building on $USDC when you never take care of your users as a centralized stablecoin issuer?”
Usually, hackers will swap centralized stablecoins. reminiscent of Circle’s USDC or Tether’s USDT, for belongings that may’t be frozen.
These embrace the stablecoin DAI, or native ETH which might be washed through crypto mixers like Twister Money.
The crypto safety group has beforehand criticized Circle for its failure to behave. Notably, within the wake of final yr’s $42 million hack of GMX, the laundering of funds stolen by North Korean hackers from ByBit, and extra.
In comparison with Tether’s $1.6 billion frozen from over 2,500 addresses, Circle has frozen a complete of simply $110 million from fewer than 500 addresses, in keeping with a Dune dashboard from AMLBot.
SwapNet and Aperture Finance contracts compromised
Within the newest hack to hit the DeFi sector, victims who had granted token switch approval to sure contracts had been drained of roughly $17 million.
Swap and bridge aggregator Matcha Meta warned customers “who turned off one-time approvals” to revoke approvals to any exterior contracts.
We’re conscious of an incident with SwapNet that customers could have been uncovered to on Matcha Meta for many who turned off One-Time Approvals
We’re in touch with the SwapNet staff and so they have quickly disabled their contracts
The staff is actively investigating and can present…
— Matcha Meta 🎆 (@matchametaxyz) January 25, 2026
Blockchain audit agency BlockSec defined that victims confronted losses on Ethereum, Arbitrum, Base and BNB Chain. It notes that “victim contracts are not open-source and appear to expose an arbitrary-call capability.”
BlockSec recognized 16 particular person assaults ensuing from 9 compromised contracts. The contracts’ deployer addresses belong to SwapNet and Aperture Finance, liable for $13.4 and three.7 million of losses, respectively.
