Earlier today, on 9th September, Swiss asset manager SwissBorg reported that hackers stole about $41,000,000 USD, or $62,000,000 AUD, in Solana (SOL) after exploiting a flaw in the API code of one of its staking partners.
The firm said the attackers manipulated the partner’s API to divert funds that had been routed into the Solana DeFi ecosystem.
SwissBorg blamed the breach on the compromised third-party code and said it began recovery steps immediately.
How the hack worked
SwissBorg relied on Kiln to provide staking services, and Kiln handles enterprise-level staking on several chains, mainly Solana and Ethereum.
The attackers found a weakness in Kiln’s API code, and they used that access to change the flow of money. The hacker then transferred 100 SOL tokens to Bitget.
Money that was meant for staking was sent to attacker wallets. The company said the breach hit assets connected to its Solana operations.
What SwissBorg is doing now
SwissBorg said its core services continue to run as normal, and the firm added that assets held inside the SwissBorg app and in its Earn program are stable and intact.
Teams have started work to recover the stolen funds, and SwissBorg has hired security firms and reached out to ethical hackers to trace and reclaim the assets.
The company also plans to use its SOL treasury to cover losses and repay affected users. At this point, SwissBorg expects the treasury to cover most, if not all, of the impact on customers.
User protection and compensation
SwissBorg said it will compensate those who lost funds and that users will not be left exposed. The firm highlighted its treasury holdings as a buffer for emergencies like this.
Company officials said they aim to return funds quickly and to make customers whole without drawing on external capital.
SwissBorg asked users to follow its official X (Twitter) account for updates and further details about the recovery plan.
Community reaction
Some members of the crypto community welcomed SwissBorg’s transparency and the pledge to repay users. Others were critical of the company’s reliance on a third-party API.
The attack has restarted debates about how much trust projects should place in external providers. Security experts warned that any integration with outside code can increase risk.
The incident has pushed developers to recheck third-party links and to tighten controls on external dependencies.
Industry in between
The breach occurs during a busy month for DeFi exploits. Yesterday we covered an attack on the Nemo Protocol, built on Sui Network, that resulted in a loss of $2,400,000.
These incidents have raised new concerns about the safety of DeFi systems and staking services that depend on third-party software. Currently, there is pressure on platforms and developers to improve fail-safes and carry out more thorough testing of APIs.
What this means for staking services
Third-party services can speed up development and increase yields. But they also create new attack paths. When a third-party provider is compromised, any project that depends on that provider can be exposed in seconds.
For users, this means that even well-known platforms can be at risk when they contract out important functions. For teams, it means more auditing, tighter release controls, and closer scrutiny of partners.
SwissBorg said it is moving fast to limit the damage and to bring funds back. The firm urged customers to stay calm and to check its official X (Twitter) channel for the latest statements.
Major Hacks Ongoing
Due to a devastating attack that took place on July 10 and caused the loss of 577 Ethereum (about $1.55 million), the Ethereum Layer-2 protocol known as Kinto has formally declared that it will shut down on September 30.
The attack caused $K, its native token, to plummet, losing more than 81% of its value in the days that followed the breach.
For now, the message from SwissBorg is clear: users will be repaid, and the company will work with specialists to recover assets and improve defences.