Solana News Today: SwissBorg's Staking Partner Becomes Security Black Hole

Generated by AI AgentCoin World
Monday, Sep 8, 2025 11:36 pm ET2min read
SOL
--
Aime RobotAime Summary

- SwissBorg lost $41M in Solana tokens via a Kiln API vulnerability, with stolen funds fragmented and laundered through decentralized exchanges.

- The breach exploited third-party staking infrastructure, affecting 1% of users and 2% of assets, though core operations remain unaffected.

- SwissBorg plans to reimburse victims using reserves and enhance third-party oversight, as Solana's security flaws highlight $1.4B+ in 2025 crypto infrastructure losses.

- Kiln, managing $2B in staked assets, faces scrutiny over security practices amid renewed concerns about third-party risks in crypto staking ecosystems.

SwissBorg, a Swiss crypto wealth management platform, has confirmed that hackers exploited a vulnerability in the API of its staking partner, Kiln, resulting in the theft of approximately 193,000

Solana
(SOL) tokens. The stolen assets are valued at around $41 million and were taken from the company’s Earn program, which allows users to deposit cryptocurrencies such as SOL, BTC, and ETH to earn staking rewards through third-party infrastructure providers. The breach occurred on September 3, 2025, with the stolen funds routed to a Solana wallet now labeled “SwissBorg Exploiter” on Solscan. The attackers immediately fragmented the stolen assets into smaller transactions and used decentralized exchanges to obscure their movements, a strategy previously observed in high-profile hacks of Curve Finance and Mixin Network [3].

The incident is one of the most significant in a growing trend of cyberattacks targeting blockchain infrastructure. Solana, the fifth-largest blockchain by market capitalization with a value of approximately $78 billion as of early September 2025, has become a focal point for such breaches. According to Chainalysis, over $1.4 billion has already been stolen in crypto-related hacks this year, with infrastructure providers accounting for nearly 30% of the total losses. The vulnerability exploited in this case was related to Kiln’s API system, which SwissBorg used to connect its Earn platform to Solana’s staking network. The attackers manipulated API requests to siphon tokens from accounts linked to the Solana Earn product, highlighting the risks associated with integrating third-party services [3].

Despite the substantial financial impact, SwissBorg has emphasized that the breach is contained and does not threaten the broader operations of the company. The affected accounts represent about 1% of SwissBorg’s user base and 2% of its total assets. The firm, which has over 750,000 verified users and manages approximately $1.2 billion in client assets, has stated that its main app and other Earn products remain unaffected and operational. The company has also confirmed it has sufficient reserves to reimburse impacted users and is actively working with exchanges, international agencies, and white-hat hackers to trace and recover the stolen assets. Some suspicious transactions have already been frozen [3].

SwissBorg’s CEO, Cyrus Fazel, described the incident as a “bad day” but not a fatal blow to the company. He emphasized that SwissBorg maintains a corporate treasury buffer equal to at least 5% of customer deposits to cover rare but high-impact events, a policy now being tested in real-time. Fazel also stated that the company would use the incident as a “learning experience,” with plans to strengthen oversight of external technology partners to prevent future breaches. The Solana Earn program, which offered an annualized yield of approximately 7% at the time of the hack, is a key revenue driver for SwissBorg, contributing nearly 40% of its total earnings. This underscores the strategic importance of securing third-party integrations in the crypto ecosystem [3].

Kiln, the staking infrastructure provider at the center of the breach, has yet to issue a public response. The Paris-based firm, which raised $17 million in a 2022 Series A round backed by ConsenSys and Kraken Ventures, manages more than $2 billion in staked assets for institutional clients. The incident raises renewed scrutiny over the security practices of third-party service providers in the crypto industry, particularly those handling large-scale staking operations. With SwissBorg previously facing questions in 2022 about the safety of its Earn model amid the collapse of Celsius and Voyager, the firm now faces another moment of reckoning as it reassesses its risk management and operational resilience [3].

Source:

[1] Jim Cramer Reveals Big Debate Surrounding AI Stock

NVIDIA Corporation
(NVDA) (https://finance.yahoo.com/news/jim-cramer-reveals-big-debate-152142815.html)

[2] Cyware Daily Threat Intelligence, September 03, 2025 (https://www.cyware.com/resources/threat-briefings/daily-threat-briefing/cyware-daily-threat-intelligence-september-03-2025)

[3] Hackers Drain $41 Million In Solana From SwissBorg's Earn Program (https://financefeeds.com/hackers-drain-41-million-in-solana-from-swissborgs-earn-program/)