Symbols

Solana News Today: SwissBorg’s API Flaw Exposes $41M Staking Risk

Generated by AI AgentCoin World

Tuesday, Sep 9, 2025 1:36 am ET2min read

Aime Summary

- SwissBorg suffered a $41M theft via a compromised Kiln API in its Solana Earn program, exploiting a vulnerability to siphon 193,000 SOL tokens.

- The breach impacted 1% of users and 2% of assets, but SwissBorg confirmed financial stability and pledged to reimburse victims from its Solana treasury.

- Hackers traced stolen funds to a "SwissBorg Exploiter" wallet; exchanges froze transactions while white-hat hackers and partners investigate recovery.

- The incident highlights third-party infrastructure risks, prompting SwissBorg to tighten security protocols and collaborate with law enforcement for future resilience.

SwissBorg, a Switzerland-based cryptocurrency wealth management platform, disclosed on September 8, 2025, that it had suffered a $41 million theft due to a compromised API from its staking partner, Kiln. The incident affected the platform’s SolanaSOL-- Earn program, where users deposit SOL tokens to earn staking rewards. Hackers exploited a vulnerability in Kiln’s API—used to connect SwissBorg’s app to Solana’s staking network—allowing them to manipulate requests and siphon approximately 193,000 SOL tokens. At the time of the breach, these tokens were valued at roughly $41 million. According to internal assessments, the breach impacted around 1% of SwissBorg’s user base and 2% of the company’s total assets under management [1].

SwissBorg emphasized that the incident did not affect its core app or other Earn products. The company has since confirmed that its financial stability remains intact, with no disruption to daily operations. Affected users will be contacted directly by email, and the firm has committed to reimbursing them using its own Solana treasury. CEO Cyrus Fazel described the event as “a bad day for SwissBorg,” but reiterated that the firm remains in a strong financial position and not at risk of insolvency [2]. The company has also pledged to maintain transparency throughout the recovery process.

The stolen funds were traced to a Solana wallet labeled as “SwissBorg Exploiter” on Solscan, a blockchain analytics tool. Users are being advised to avoid interacting with this wallet due to the potential risk of further exploitation [3]. In response, SwissBorg has engaged white-hat hackers, international agencies, and cryptocurrency exchanges to track the stolen assets. Several exchanges have already frozen transactions linked to the breach, preventing some of the stolen funds from being liquidated. Fazel noted the involvement of entities such as Fireblocks, Solana Foundation, and blockchain investigators in the effort to trace the funds across multiple addresses.

The incident highlights the risks of relying on third-party infrastructure in the cryptocurrency industry. Kiln, the staking provider at the center of the breach, is a well-regarded infrastructure provider for blockchains such as Solana and EthereumETH--. Despite due diligence in partner selection, external vulnerabilities can expose user funds to sophisticated attacks. Fazel acknowledged that the incident serves as a learning experience for SwissBorg and a call to strengthen its security protocols, particularly in API access and third-party integrations [4].

SwissBorg has taken steps to prevent similar incidents in the future, including tightening security measures and revisiting its due diligence processes before integrating new services. The company has also announced its intention to collaborate with law enforcement agencies globally to ensure a coordinated response to the breach. Fazel stressed the importance of learning from this incident to improve resilience against future threats, emphasizing that transparency and trust are critical to retaining user confidence. The firm has promised regular updates on the progress of recovery efforts and the implementation of new security protocols [5].

Source:

[1] Cointelegraph (https://cointelegraph.com/news/swissborg-hacked-41m-sol-api-compromise)

[2] The Block (https://www.theblock.co/post/369924/swissborg-crypto-platform-robbed-of-over-40-million-in-solana)

[3] 99Bitcoins (https://99bitcoins.com/news/altcoins/swissborg-solana-breach-leads-to-41m-loss-via-api-exploit/)

[4] CryptoSlate (https://cryptoslate.com/swissborg-loses-41m-in-sol-after-partner-api-compromise-affects-earn-program/)

[5] BlockNews (https://cryptorank.io/news/feed/18129-swissborg-hack-41m-in-solana-stolen-via-kiln-api-will-users-be-repaid)

Coin World

Quickly understand the history and background of various well-known coins

Latest Articles

Stay ahead of the market.

Get curated U.S. market news, insights and key dates delivered to your inbox.

Comments

﻿

Add a public comment...

No comments yet

AInvest
PRO

Editorial Disclosure & AI Transparency: Ainvest News utilizes advanced Large Language Model (LLM) technology to synthesize and analyze real-time market data. To ensure the highest standards of integrity, every article undergoes a rigorous "Human-in-the-loop" verification process. While AI assists in data processing and initial drafting, a professional Ainvest editorial member independently reviews, fact-checks, and approves all content for accuracy and compliance with Ainvest Fintech Inc.’s editorial standards. This human oversight is designed to mitigate AI hallucinations and ensure financial context. Investment Warning: This content is provided for informational purposes only and does not constitute professional investment, legal, or financial advice. Markets involve inherent risks. Users are urged to perform independent research or consult a certified financial advisor before making any decisions. Ainvest Fintech Inc. disclaims all liability for actions taken based on this information. Found an error?Report an Issue