Circle Locks $12.6M in Zama cUSDC After Hack-Tied Deposit

• $12.6 million in user funds locked as Circle freezes all cUSDC contract assets
• ZAMA drops 18.2% as panic selling spikes trading volume

On May 31, 2026 (UTC), Gizmodo reported that Circle froze Zama’s cUSDC smart contract after a hacker involved in the Overnight Finance rugpull deposited $12.5 million in stolen USDC into Zama’s contract. Circle’s compliance systems applied a contract-wide freeze, locking an estimated $12.6 million in total funds, including collateral belonging to legitimate users.

Circle flagged suspicious activity following the hacker’s transfer and enacted a freeze on the entire contract address. This action made all deposited funds inaccessible, impacting both the hacker’s assets and collateral held by third parties on the protocol.

The freeze triggered a sharp 18.2% drop in ZAMA’s token price within hours. Panic selling drove trading volume to nearly match ZAMA’s market capitalization, underscoring broad user concerns over fund accessibility.

Zama responded by pausing all contracts related to stablecoin wrappers and launching an internal investigation. The company announced it would await guidance from Circle or possible court intervention to enable a more targeted freeze—one that restricts only the hacker’s funds and returns access to legitimate users.

This event highlights persistent risks with smart contract collateral. Protocols are vulnerable to compliance controls that lock all assets, regardless of individual involvement in illicit activity, when platforms like Circle’s are triggered.

As of May 31, 2026, 01:09 UTC, USDC (USDC) trades at $1.00, down -0.015% in the past 24 hours.