- SwissBorg lost $41 million in Solana after hackers went after its Earn Program.
- CEO Cyrus Fazel said only Solana deposits in the Earn Program have been affected.
- The breach followed Nemo’s $2.4 million exploit and Aqua’s $4.65 million rug pull.
Switzerland-based crypto platform SwissBorg confirmed Monday that it lost about $41 million worth of Solana (SOL) following a partner security breach. A company spokesperson said in a video that the incident did not involve its app but originated from a staking partner.
Blockchain investigator ZachXBT reported that SwissBorg lost approximately 192,600 SOL tokens, valued at $41.3 million. The company disclosed that the breach targeted its Solana Earn Program, powered by Kiln, a staking infrastructure provider.
SwissBorg stated that it would use its Solana treasury to help users recover a significant portion of their balances. The company assured that daily operations remain unaffected and emphasized that the incident does not endanger its overall financial health.
Breach Linked to Kiln’s Compromised API
SwissBorg explained that hackers exploited Kiln’s API, which served as the communication bridge between its app and Solana’s staking network. By manipulating API requests, attackers siphoned funds from the SOL Earn Program.
SwissBorg CEO Cyrus Fazel clarified that only Solana deposits in the Earn Program were impacted. The program represents around 1% of the user base and 2% of its total assets.
The spokesperson acknowledged the size of the loss but noted it did not put the company at risk. SwissBorg has engaged white-hat hackers, international security partners, and law enforcement agencies to track and recover stolen funds. Some transactions linked to the breach have already been blocked.
SwissBorg pledged that affected customers would be reimbursed, adding that its treasury alone could already cover the losses. Users impacted by the incident will be contacted directly by email with updates on compensation.
Wider Crypto Security Concerns
The SwissBorg breach occurred alongside multiple high-profile incidents across the crypto sector. On the same day, Nemo Protocol on the Sui blockchain suffered a $2.4 million exploit, which caused its total value locked to collapse from $6.3 million to $1.57 million.
According to PeckShieldAlert, hackers moved stolen USDC through Circle by bridging assets from Arbitrum to Ethereum. Following the exploit, user withdrawals exceeded $3.8 million worth of USDC and SUI tokens. Nemo suspended all smart contract operations during scheduled maintenance to investigate the root cause.
In a separate case, Solana-based project Aqua executed a $4.65 million rug pull involving 21,770 SOL tokens. The event followed promotions by teams such as Meteora, Quill Audits, Helius, SYMMIO, and Dialect.
SwissBorg stressed that the incident did not impact other Earn programs or funds stored within its proprietary app. The company described the breach as a difficult moment but pledged to increase security measures, improve oversight of third-party partners, and maintain direct communication with its community.
Related: Ledger CTO Warns Wallet Holders After NPM Account Hack
The CEO admitted that informing customers of lost funds was a painful step but described the process as a test of trust and resilience. Fazel said, “It’s never easy to be like, oh shit, I just lost some of your funds. But it’s in these times that we realize who has our trusted community.”
Amid a wave of supply chain attacks, including a recent compromise of an NPM software developer, experts continue to warn users about risks. With increasing threats targeting APIs and infrastructure providers, one question lingers: how can crypto firms safeguard users when trust depends on third-party partners?
