SwissBorg, a Switzerland-based crypto wealth management platform, said hackers exploited a vulnerability in the API of its staking partner Kiln, draining about 193,000 Solana tokens from its Earn program.
SwissBorg, a Switzerland-based crypto wealth management platform, said hackers exploited a vulnerability in the API of its staking partner Kiln, draining about 193,000 Solana tokens from its Earn program.
The SwissBorg app and other Earn products were not impacted by the hack, the company wrote in a post on X. The stolen SOL (SOL) tokens were worth roughly $41 million at time of writing.
The breach originated with Kiln, a staking infrastructure provider that powers yield products on blockchains such as Solana and Ethereum.
An API attack targets the software “bridge” that connects two systems. In SwissBorg’s case, its app relied on Kiln’s API to communicate with Solana’s staking network. By compromising the API, hackers were able to manipulate requests and siphon off funds.
SwissBorg said that despite the hack, the company remains in good financial health, daily operations are unaffected and the affected users will be contacted directly by email.
Related: Crypto users urged to take extreme care as NPM attack hits core JavaScript libraries
A ‘bad day’ but not a fatal blow
SwissBorg CEO Cyrus Fazel hosted an X Space on Monday shortly after the company’s statement that it had been hacked. According to Fazel, the breach only impacted users depositing Solana tokens in its Earn program, which accounts for about 1% of its customer base and 2% of total assets.
“It’s a big amount of money, but it doesn’t put SwissBorg at risk,” the spokesperson said.
SwissBorg’s Solana Earn program lets users deposit SOL through its app to earn staking rewards, using the infrastructure provided by Kiln. The product was part of SwissBorg’s wider suite of Earn offerings on assets like BTC and ETH, designed to give retail users simple access to staking yields without managing validator nodes or DeFi protocols directly.
The company pledged to reimburse affected users, noting that “with the current treasury we have, we could already do that,” while stressing it is also working with international agencies, exchanges and white-hat hackers to assist with the investigation, and that some transactions have already been blocked.
Calling it “a bad day for SwissBorg,” Fazel said the incident would ultimately serve as a learning experience for the company.
Blockchain data shows the stolen funds were routed to a Solana wallet now labeled on Solscan as the “SwissBorg Exploiter,” advising users to exercise caution when interacting with it.
Cointelegraph reached out to Swissborg and Kiln for comment, but did not receive an immediate response.
