$41 Million Stolen in SwissBorg Crypto Hack Linked to Third-Party API

The Swiss crypto platform SwissBorg has confirmed a breach in which attackers siphoned off approximately 193,000 Solana (SOL) tokens from its Earn program. At the time of the incident, the stolen assets were valued at nearly $41 million.

In an official statement, the company stressed that the attack affected fewer than 1% of users and did not impact other Earn programs or funds within the app. According to SwissBorg, its core infrastructure remains secure, and daily operations continue uninterrupted.

The breach was traced to a vulnerability in the API of Kiln, a staking infrastructure provider for Solana and Ethereum. Through this compromised API, SwissBorg’s application communicated with the Solana network, enabling the attackers to manipulate requests and withdraw assets.

The company’s CEO, Cyrus Fazel, speaking in an X Space session, acknowledged the severity of the loss but emphasized that SwissBorg itself remains financially sound: “The incident affected around 1% of our client base and approximately 2% of assets under management. It is a large sum, but it does not put the company at risk.”

SwissBorg has pledged to cover the losses using its own SOL Treasury and confirmed that it is collaborating with international agencies, cryptocurrency exchanges, and white-hat hackers to recover the stolen funds. The company reported that some transactions had already been frozen.

In its published recovery plan, SwissBorg outlined two immediate courses of action. First, affected users will be compensated promptly with funds from the SOL Treasury. Second, the company, alongside security experts, will continue efforts to retrieve the stolen assets. Impacted clients will be notified individually via email.

The Solana Earn program allowed users to earn rewards through staking facilitated by Kiln’s infrastructure. It was part of SwissBorg’s broader Earn product suite, which also includes offerings for BTC and ETH, primarily aimed at retail investors.

Blockchain data shows that the stolen tokens were transferred to an address now flagged as “SwissBorg Exploiter.” This wallet currently holds more than 190,000 SOL (approximately $40.8 million), and users have been cautioned to exercise extreme vigilance when encountering it.

Support Our Threat Intelligence

If you find our technology report and cybersecurity news helpful, consider supporting our work.

Buy Me a Coffee PayPal Crypto

USDT (TRC20):

TN8BdV8cp4T1Cd28gK9qTAnZknzzuwyUtm Copy

USDT (ERC20):

0x3725e1a7d3bc5765499fa6aaafe307fabcd75bce Copy