The cryptocurrency platform SwissBorg, headquartered in Switzerland, officially confirmed on Monday that its Solana staking program has encountered a significant security breach event.
This attack resulted in severe asset losses, with hackers successfully stealing approximately 192,600 SOL tokens. At the time, the market price of SOL tokens stabilized around $213, making the total value of the stolen tokens exceed $41 million.
In a video message posted on the X platform, a company spokesperson explained in detail that this intrusion did not involve SwissBorg's proprietary applications, nor did it affect customer deposits directly held on the platform. Instead, the investigation revealed that the source of this intrusion could be traced back to its partner Kiln. Kiln is a well-known cryptocurrency staking infrastructure provider in the industry, offering staking-related services to numerous cryptocurrency platforms. The hackers infiltrated Kiln's API, which became the key entry point for the attackers to access the system. Preliminary investigations indicated that Kiln's API had a security vulnerability that was not promptly patched, and the hackers exploited this vulnerability, using carefully designed attack methods to bypass security verification mechanisms, illegally obtaining relevant operational permissions, and subsequently transferring the staked SOL tokens.
Rapidly launch recovery plan
SwissBorg confirmed in a post on platform X that it plans to utilize its SOL treasury to help affected users recover most of their balances. The company's SOL treasury is sufficiently sized to meet the compensation demands. Additionally, the company stated that the final compensation amount will be announced in the coming days, detailing the specific process for compensation, which is expected to start within a week to ensure users can receive their compensation as soon as possible.
Additionally, SwissBorg is actively seeking the help of white hat hackers and security experts, hoping to leverage their expertise to trace the flow of stolen tokens and recover stolen assets as much as possible. The company clearly stated that its ultimate goal is to ensure the security of all users' assets.
Concerns about security in the cryptocurrency industry continue to escalate
The security violation incident encountered by SwissBorg coincides with a significant cybersecurity panic in the digital asset industry. On the same day, an NPM software developer was breached, triggering a supply chain attack, which once again sounded the alarm for the industry.
Supply chain attacks differ from direct attacks on wallets or exchanges; they are implemented by attackers penetrating trusted software distribution channels, making this attack method highly covert and complicating detection and prevention efforts.
In fact, there have been several similar supply chain attack cases in the cryptocurrency industry before. For example, a well-known cryptocurrency wallet was threatened due to the use of a third-party component with security vulnerabilities, leading to significant risk for users' assets; another cryptocurrency trading platform suffered user fund losses due to an intrusion on its integrated third-party payment interface.
When commenting on the broader risks facing the current cryptocurrency industry, Ledger's Chief Technology Officer Charles Guillemet suggested that cryptocurrency investors who do not use hardware wallets temporarily pause on-chain transactions. This is because hardware wallets use offline storage for private keys, which can more effectively prevent cyber attacks compared to other storage methods. Investors who do not use hardware wallets are at greater security risk as their private keys are more easily exposed in the online environment. Pausing transactions can help avoid unnecessary losses to some extent.
Committed to strengthening security measures
SwissBorg assures users that its applications and other services are still operating normally and were not affected by this hacker attack. The company stated that it will learn lessons from this intrusion incident and plans to implement a series of additional security measures to prevent similar incidents from occurring in the future. These measures may include optimizing security review processes for partners, enhancing the security capabilities of its own systems, and regularly conducting security vulnerability assessments.
Despite the scale of asset loss shaking people's confidence in centralized staking platforms to some extent, SwissBorg's decision to compensate user balances may help maintain community trust. Details about the final compensation will be announced in the coming days.
If you're still confused in the crypto space, lacking firsthand information and professional guidance, consider following Ming Ge by clicking on his avatar. Ming Ge has deep roots in the crypto space and shares rich experiences and real operational insights every day!#solana #sol
