Solana News Today: SwissBorg’s API Flaw Exposes $41M Staking Risk

SwissBorg, a Switzerland-based cryptocurrency wealth management platform, disclosed on September 8, 2025, that it had suffered a $41 million theft due to a compromised API from its staking partner, Kiln. The incident affected the platform’s SolanaSOL-- Earn program, where users deposit SOL tokens to earn staking rewards. Hackers exploited a vulnerability in Kiln’s API—used to connect SwissBorg’s app to Solana’s staking network—allowing them to manipulate requests and siphon approximately 193,000 SOL tokens. At the time of the breach, these tokens were valued at roughly $41 million. According to internal assessments, the breach impacted around 1% of SwissBorg’s user base and 2% of the company’s total assets under management [1].

SwissBorg emphasized that the incident did not affect its core app or other Earn products. The company has since confirmed that its financial stability remains intact, with no disruption to daily operations. Affected users will be contacted directly by email, and the firm has committed to reimbursing them using its own Solana treasury. CEO Cyrus Fazel described the event as “a bad day for SwissBorg,” but reiterated that the firm remains in a strong financial position and not at risk of insolvency [2]. The company has also pledged to maintain transparency throughout the recovery process.

The stolen funds were traced to a Solana wallet labeled as “SwissBorg Exploiter” on Solscan, a blockchain analytics tool. Users are being advised to avoid interacting with this wallet due to the potential risk of further exploitation [3]. In response, SwissBorg has engaged white-hat hackers, international agencies, and cryptocurrency exchanges to track the stolen assets. Several exchanges have already frozen transactions linked to the breach, preventing some of the stolen funds from being liquidated. Fazel noted the involvement of entities such as Fireblocks, Solana Foundation, and blockchain investigators in the effort to trace the funds across multiple addresses.

The incident highlights the risks of relying on third-party infrastructure in the cryptocurrency industry. Kiln, the staking provider at the center of the breach, is a well-regarded infrastructure provider for blockchains such as Solana and EthereumETH--. Despite due diligence in partner selection, external vulnerabilities can expose user funds to sophisticated attacks. Fazel acknowledged that the incident serves as a learning experience for SwissBorg and a call to strengthen its security protocols, particularly in API access and third-party integrations [4].

SwissBorg has taken steps to prevent similar incidents in the future, including tightening security measures and revisiting its due diligence processes before integrating new services. The company has also announced its intention to collaborate with law enforcement agencies globally to ensure a coordinated response to the breach. Fazel stressed the importance of learning from this incident to improve resilience against future threats, emphasizing that transparency and trust are critical to retaining user confidence. The firm has promised regular updates on the progress of recovery efforts and the implementation of new security protocols [5].

Source:

[1] Cointelegraph (https://cointelegraph.com/news/swissborg-hacked-41m-sol-api-compromise)

[2] The Block (https://www.theblock.co/post/369924/swissborg-crypto-platform-robbed-of-over-40-million-in-solana)

[3] 99Bitcoins (https://99bitcoins.com/news/altcoins/swissborg-solana-breach-leads-to-41m-loss-via-api-exploit/)

[4] CryptoSlate (https://cryptoslate.com/swissborg-loses-41m-in-sol-after-partner-api-compromise-affects-earn-program/)

[5] BlockNews (https://cryptorank.io/news/feed/18129-swissborg-hack-41m-in-solana-stolen-via-kiln-api-will-users-be-repaid)