SwissBorg Hit by Security Incident on Solana, $41M in SOL Affected

SwissBorg, the Switzerland-based crypto wealth management platform, has confirmed a significant security incident that led to the loss of approximately 192,600 SOL tokens — valued at more than $41 million. The breach, which occurred between September 8 and 9, 2025, was linked to a compromise of the application programming interface (API) provided by Kiln, a third-party staking infrastructure partner.

In an official statement, SwissBorg emphasized that the attack was isolated to its Solana Earn product, a service allowing users to stake SOL and earn yield. The company said its main app, as well as other Earn products tied to diverse assets, remain unaffected. As a precautionary measure, SwissBorg temporarily suspended Solana staking on its platform while working with Kiln and external security firms to investigate the incident and strengthen system protections.

Impact on users and platform response

According to the company, fewer than 1% of SwissBorg’s users were directly impacted by the security breach. Despite the relatively small number of affected accounts, the financial hit was significant, given the high market value of Solana at the time of the incident. SwissBorg has pledged to cover all losses from its own treasury to ensure that customers do not suffer financially as a result of the exploit.

The platform stated that its internal systems and wallets were not compromised. Instead, the vulnerability originated from Kiln’s API integration, which attackers exploited to siphon funds. SwissBorg has assured users that account credentials, personal data, and non-Solana assets remain secure.

In the wake of the breach, SwissBorg activated its incident response plan. This involved halting all Solana staking operations, notifying affected users, and coordinating with Kiln as well as blockchain analytics and forensic partners to trace and potentially recover the stolen SOL. The company has also committed to implementing enhanced security measures and conducting a comprehensive audit of its third-party integrations.

Industry concerns and next steps

Independent security firm sluggishMist confirmed the scale of the theft, categorizing it as a third-party vulnerability exploit. The firm’s analysis supported SwissBorg’s initial findings that the Solana blockchain itself was not directly compromised. Instead, the attack targeted a fragileness in the connection between SwissBorg and Kiln, underscoring a broader industry concern: as crypto platforms increasingly rely on specialized infrastructure providers, they may expose themselves to new attack vectors.

This incident adds to a series of recent challenges facing the Solana ecosystem, which has viewn both rapid growth in user adoption and recurring security issues. For SwissBorg, the focus is now on reassuring customers, enhancing security, and cooperating with investigators. The company has pledged to provide regular updates as recovery efforts progress.

While SwissBorg’s quick response and commitment to reimbursing users may assist preserve trust, the breach highlights ongoing vulnerabilities across the decentralized finance sector. As the industry continues to mature, both platforms and their infrastructure partners face mounting pressure to strengthen defenses against increasingly sophisticated cyberattacks.