Zama Users Lose $12.6M in cUSDC Freeze After Hack Deposit

• Circle froze Zama’s cUSDC contract after hack-linked funds were deposited, locking all user balances.
• ZAMA token dropped 18.2%, trading volume surged as users responded to uncertainty.

On May 31, 2026, The Block reported that Circle froze Zama’s cUSDC smart contract after an address connected to the Overnight Finance hack deposited over $12.5 million in compromised USDC. This compliance action targeted tainted funds but triggered a contract-wide freeze, leaving all user balances locked instead of isolating the hacker’s deposit.

As a result, $12.6 million in user funds—including those unrelated to the incident—became inaccessible. The freeze immediately impacted ZAMA’s token price, which fell 18.2% from $0.039 to $0.032 within five and a half hours, then partially rebounded to $0.035.

Trading activity surged, with ZAMA’s 24-hour volume rising 61% to $73.9 million, nearly equaling its $77.5 million market cap. This signaled panic selling, liquidations, and speculative trading as users grappled with the locked assets.

Zama reacted by pausing all confidential token contracts, including cUSDC, cUSDT, and cWETH, to contain exposure. The protocol announced a post-mortem review and stated it would pursue legal action to limit the contract freeze, aiming to restrict compliance measures only to the hacker’s address.

The freeze sparked debate over blanket compliance actions by stablecoin issuers. According to The Block, such measures can inadvertently impact legitimate users and erode trust in privacy-focused protocols exposed to hacked funds.

If Zama’s legal efforts fail, users uninvolved with the hack may permanently lose access to their funds, threatening confidence in speculative tokens and the reliability of the protocols supporting them.