{ "id": 48575, "date": "2025-09-09T09:55:01", "date_gmt": "2025-09-09T02:55:01", "guid": { "rendered": "https:\/\/hbbgroup.net\/swissborg-hacked-for-41m-sol-after-third-party-api-compromise\/" }, "modified": "2025-09-09T09:55:01", "modified_gmt": "2025-09-09T02:55:01", "slug": "swissborg-hacked-for-41m-sol-after-third-party-api-compromise", "status": "publish", "type": "post", "link": "https:\/\/hbbgroup.net\/en_us\/swissborg-hacked-for-41m-sol-after-third-party-api-compromise\/", "title": { "rendered": "SwissBorg hacked for $41M SOL after third-party API compromise" }, "content": { "rendered": "
\n
\n

Hackers drained 193,000 SOL from SwissBorg\u2019s Solana Earn program after a Kiln API was compromised, affecting 1% of users and 2% of assets. <\/p>\n

\"SwissBorg<\/picture><\/div>\n
\n
\n

SwissBorg, a Switzerland-based crypto wealth management platform, said hackers exploited a vulnerability in the API of its staking partner Kiln, draining about 193,000 Solana tokens from its Earn program.\u00a0<\/p>\n

The SwissBorg app and other Earn products were not impacted by the hack, the company wrote in a post on X<\/a>. The stolen SOL (SOL<\/a>) tokens were worth roughly $41 million at time of writing. <\/p>\n

Source: <\/em>Swissborg<\/em><\/a> <\/em><\/figcaption><\/figure>\n

The breach originated with Kiln, a staking infrastructure provider that powers yield products on blockchains such as Solana and Ethereum.<\/p>\n

An\u00a0API attack\u00a0targets the software \u201cbridge\u201d that connects two systems. In SwissBorg\u2019s case, its app relied on Kiln\u2019s API to communicate with Solana\u2019s staking network. By compromising the API, hackers were able to manipulate requests and siphon off funds.<\/p>\n

SwissBorg said that despite the hack, the company remains in good financial health, daily operations are unaffected and the affected users will be contacted directly by email.<\/p>\n

Related: <\/strong><\/em>Crypto users urged to take extreme care as NPM attack hits core JavaScript libraries<\/strong><\/em><\/a>\u00a0<\/a><\/p>\n

A \u2018bad day\u2019 but not a fatal blow<\/h2>\n

SwissBorg CEO Cyrus Fazel hosted<\/a> an X Space on Monday shortly after the company\u2019s statement that it had been hacked. According to Fazel, the breach only impacted users depositing Solana tokens in its Earn program, which accounts for about 1% of its customer base and 2% of total assets. <\/p>\n

\u201cIt\u2019s a big amount of money, but it doesn\u2019t put SwissBorg at risk,\u201d the spokesperson said. <\/p>\n

SwissBorg\u2019s\u00a0Solana Earn program\u00a0lets users deposit SOL through its app to earn staking rewards, using the infrastructure provided by Kiln. The product was part of SwissBorg\u2019s wider suite of Earn offerings on assets like BTC and ETH, designed to give retail users simple access to staking yields without managing validator nodes or DeFi protocols directly.<\/p>\n

The company pledged to reimburse affected users, noting that \u201cwith the current treasury we have, we could already do that,\u201d while stressing it is also working with international agencies, exchanges and white-hat hackers to assist with the investigation, and that some transactions have already been blocked.<\/p>\n

Calling it \u201ca bad day for SwissBorg,\u201d Fazel said the incident would ultimately serve as a learning experience for the company.<\/p>\n

Source: <\/em>Solscan<\/em><\/a> <\/em><\/figcaption><\/figure>\n

Blockchain data shows the stolen funds were routed to a Solana wallet now labeled on Solscan as the \u201cSwissBorg Exploiter,\u201d advising users to exercise caution when interacting with it.<\/p>\n

Cointelegraph reached out to Swissborg and Kiln for comment, but did not receive an immediate response.<\/p>\n