According to Cointelegraph, SwissBorg, a crypto wealth management platform based in Switzerland, has reported a security breach involving its staking partner Kiln. Hackers exploited a vulnerability in Kiln's API, resulting in the theft of approximately 193,000 Solana tokens from SwissBorg's Earn program. The stolen tokens are valued at around $41 million. Despite the breach, SwissBorg assured users that its app and other Earn products remain unaffected.
SwissBorg identified the breach as originating from Kiln, a staking infrastructure provider that supports yield products on blockchains like Solana and Ethereum. The attack targeted the API, a software bridge connecting systems, allowing hackers to manipulate requests and siphon funds. SwissBorg emphasized its financial stability and confirmed that daily operations continue without disruption. Affected users will be contacted directly via email.
SwissBorg CEO Cyrus Fazel addressed the situation in an X Space session, noting that the breach impacted only users depositing Solana tokens in the Earn program, representing about 1% of its customer base and 2% of total assets. Fazel acknowledged the significant financial loss but assured that SwissBorg is not at risk. The Solana Earn program enables users to deposit SOL through SwissBorg's app to earn staking rewards, utilizing Kiln's infrastructure. This program is part of SwissBorg's broader suite of Earn offerings, which includes assets like BTC and ETH, aimed at providing retail users easy access to staking yields.
SwissBorg has pledged to reimburse affected users, stating that its current treasury is sufficient for compensation. The company is collaborating with international agencies, exchanges, and white-hat hackers to investigate the breach, with some transactions already blocked. Fazel described the incident as "a bad day for SwissBorg," but expressed optimism that it would serve as a learning experience.
Blockchain data indicates that the stolen funds were transferred to a Solana wallet now labeled as the "SwissBorg Exploiter" on Solscan, advising caution when interacting with it. Cointelegraph attempted to contact SwissBorg and Kiln for comments but did not receive an immediate response.
