SwissBorg Hit by $41M Solana Hack
Swiss crypto wealth management platform SwissBorg suffered a $41 million Solana (SOL) exploit after hackers compromised the API of its staking partner Kiln.
SwissBorg’s Solana Earn drain: 193,000 SOL tokens were drained, according to an official announcement. Other services, including the SwissBorg app and non-Solana staking offerings, were unaffected.
The value of the stolen assets was roughly $41 million at the time of the breach. Blockchain data on Solscan has tagged the exploiter address as “SwissBorg Exploiter.”
How the Kiln API Attack Worked
Kiln provides staking infrastructure for multiple blockchain networks, including Ethereum and Solana. SwissBorg’s Solana Earn program integrated Kiln’s API to connect with Solana’s staking network.
Hackers compromised this API bridge, allowing them to reroute user deposits into their wallets. Unlike typical wallet-level breaches, this type of attack targeted connections between services, highlighting vulnerabilities in third-party integrations.
Also Read : Hackers Hide Malware in NPM Packages by Using Ethereum Smart Contracts
SwissBorg CEO: “A Bad Day, But Not a Fatal Blow”
In an X (Twitter) Space discussion, Cyrus Fazel, CEO of SwissBorg, confirmed that the hack impacted only Solana Earn users—around 1% of SwissBorg’s customers and 2% of total assets.
“It is a large amount of money but it won’t pose any risk to SwissBorg,” Fazel said, pledging that affected users would be fully reimbursed.
He emphasized that SwissBorg remains financially healthy, with day-to-day operations unaffected. The company is working with global agencies, crypto exchanges, and white-hat hackers to recover funds, with some assets already frozen.
Solana Earn Users to Be Reimbursed
The Solana Earn program allowed SOL token holders to stake without running validators or using DeFi protocols directly, leveraging Kiln’s infrastructure.
Fazel confirmed that SwissBorg’s treasury reserves are strong enough to refund affected customers immediately.
He called the breach a “bad day for SwissBorg”, but also a lesson in risk management and infrastructure resilience.
Lessons From the SwissBorg Hack
This incident underscores the growing risks of API vulnerabilities in crypto infrastructure. APIs make staking and DeFi access simple, but they also represent single points of failure.
Key lessons include:
- Strengthening API security standards.
- Reducing reliance on third-party staking providers.
- Enhancing custody protections in wealth management platforms.
As reimbursements proceed, the hack will likely spark industry-wide discussions on security standards for custody, APIs, and third-party dependencies in the digital asset ecosystem.
