Solana DEX Stabble urges liquidity pull after hacker alert

Stabble urged users to remove liquidity from its pools after blockchain monitors flagged multiple Solana addresses linked to cybercriminal groups with suspected North Korean ties. The advisory appeared on the exchange’s social channels and inside its app this week.

The platform instructed liquidity providers to withdraw funds and stop adding new liquidity until investigations conclude. The exchange noted the alert was prompted by suspicious activity connected to addresses identified in a threat report and did not confirm any loss of funds on the platform.

Blockchain investigators have connected the flagged wallets to earlier campaigns that exploited bridges, decentralized exchanges and smart contracts to move stolen assets. Security firms and on-chain monitors publish lists of addresses after detecting movement patterns consistent with prior incidents.

When addresses on those lists interact with liquidity pools, platforms sometimes freeze deposits or recommend withdrawals to limit exposure. Stabble’s advisory followed that approach, asking users to act quickly while analysts trace token flows.

Users on Solana checked positions and in many cases removed liquidity from affected pools. Market data showed short-term volatility in tokens commonly used on Solana DEXs as traders adjusted exposure. Stabble plans to provide updates as investigators confirm whether the flagged addresses carried out transfers on the platform and as it evaluates potential technical responses.

Stabble is working with external forensic analysts to trace suspicious transactions and determine if contract upgrades or temporary restrictions are necessary. The exchange encouraged affected users to export transaction records and wallet addresses to aid the investigation.

For users who withdrew funds, Stabble recommended moving tokens to secure wallets, avoiding interaction with unknown contracts and following official Stabble communications for verified instructions on redepositing. The exchange also warned against using unverified third-party guides or pasting unknown code that could expose private keys.

Blockchain analytics tools were cited as the basis for the alert; those tools identify clusters of addresses that move funds in patterns associated with laundering or prior thefts. Platform operators use those signals to decide whether to advise users or take technical measures.