- Decentralised exchange Stabble urged users to “temporarily withdraw their liquidity immediately” on April 7 after discovering that its former CTO, Keisuke Watanabe, was allegedly a North Korean operative.
- Total value locked on Stabble fell from US$1.75 million to under US$663K, a 62% drop, within hours of the warning, even though no exploit was disclosed at the protocol itself.
- The episode follows the US$285 million Drift Protocol exploit attributed to North Korea-linked actors, intensifying scrutiny of how DPRK IT workers are infiltrating crypto firms under false identities.
Solana-based decentralised exchange Stabble saw its total value locked (TVL) drop 62% after an on-chain investigator identified the protocol’s former CTO as a suspected North Korean operative.
This prompted an emergency withdrawal warning despite no confirmed exploit.
The alert followed disclosures by investigator ZachXBT, who linked former CTO Keisuke Watanabe to multiple aliases and wallet addresses across Solana and Ethereum, alongside an email and open-source intelligence evidence.
ZachXBT also said Watanabe had worked at Solana infrastructure project Elemental, leading to a separate dispute over how that project handled the alleged connection.
Read more Robert Kiyosaki Warns of Financial Crisis, Urges Shift to Bitcoin and Gold
DPRK Infiltration Pressure Mounts
Stabble’s newly appointed operations team issued an urgent message roughly seven hours after the disclosure began circulating, advising liquidity providers to withdraw funds immediately as a precaution.
The team later confirmed it was responding to the warning and prioritising user safety.
Liquidity providers reacted quickly. The protocol’s TVL fell from about US$1.75 million (AU$2.54 million) to below US$663,000 (AU$961,350) within hours, as per DefiLlama. But Stabble reported no breach or vulnerability in its systems, with the outflows driven solely by concerns over the former employee’s alleged ties.
Drift Protocol Flashbacks
The incident comes amid heightened scrutiny of North Korea-linked activity in the crypto sector.
Days earlier, Drift Protocol disclosed a US$285 million (AU$413.25 million) exploit attributed to actors believed to be connected to the same group behind the Radiant Capital hack in October 2024.
US authorities have warned that North Korean IT workers are increasingly using false identities to secure roles within crypto firms, sometimes redirecting earnings or establishing access that can later facilitate attacks.
Stabble’s current team has pledged to conduct new audits and provide transparency around Watanabe’s hiring and access during his roughly one-year tenure.
Related: Bitcoin Traders Eye Sub-$60K Sweep as Market Tension Builds
Hackers,North Korea,Solana#Solana #DEX #Stabble #Crisis #Alleged #North #Korean #Hacker #Link #Sparks #Liquidity #Exodus1775642862
