SwissBorg, a European crypto wealth platform, has confirmed an exploit impacting its Solana Earn strategy, with losses estimated at around 192,600 SOL (≈$41 million) on Sept. 8. The company stressed that its main app and core systems remained secure, and pledged that no users would ultimately bear losses.

How the exploit unfolded

In a Sept. 8 statement, SwissBorg explained that the breach originated from an API integration with staking provider Kiln rather than from its own systems. Hackers manipulated the API connected to the Solana Earn product, siphoning funds to an external wallet that blockchain explorers have since flagged as the “SwissBorg Exploiter.”

The incident affected fewer than 1% of SwissBorg customers and represented about 2% of total platform assets, though nearly half of SwissBorg’s Solana reserves were taken.

Immediate response

The company said its internal teams identified the exploit around midday CEST and acted within 20 minutes to pause Solana Earn redemptions and prevent further loss.

SwissBorg has already drawn from its own Solana treasury to reimburse most users, with final compensation figures still being determined. CEO Cyrus Fazel described it plainly in an X update:

“A bad day, but not a fatal one. SwissBorg is in good financial shape and all users will be made whole.”

The recovery plan

SwissBorg outlined a multi‑layered recovery strategy across its blog, social channels, and a YouTube live QA hosted by Fazel:

  • Treasury allocation: Deploying internal SOL reserves so affected users recover a large portion of balances quickly.
  • Investigations: Working with white‑hat hackers, Chainalysis, Fireblocks, Seal Org, and other partners to trace funds and block transactions connected to the exploit.
  • Law enforcement: Engaging regulators and police to pursue recovery.
  • Transparency: Publishing regular updates and promising a full incident report once investigations conclude.

The company also pledged deeper due diligence around third‑party integrations and stronger oversight of API dependencies to prevent similar exploits.

Support from the crypto community

SwissBorg publicly thanked collaborative security actors including @_SEAL_Org, @zachxbt, @chainalysis, @FireblocksHQ, and @Kiln_finance for rapid assistance. Block explorers confirm some movement from the attacker’s wallet has already been frozen on exchanges.

Community members have also credited SwissBorg’s swift communication and commitment to reimburse users, a reassuring stance in a sector where hacks often result in long delays or losses being socialized to platform users.

Industry context

The incident reignited debate around third‑party risks in staking and DeFi products. Critics argue that reliance on API connections and infrastructure partners leaves otherwise secure platforms vulnerable to external points of failure.

The SwissBorg episode follows other September exploits, including a $2.4 million loss on Sui‑based Nemo Protocol, highlighting how recurring weaknesses in middleware and validator integrations remain a key battleground in crypto security.

Still, SwissBorg has positioned itself differently by being transparent with updates and proactively guaranteeing users won’t absorb losses. That promise distinguishes the firm from many DeFi projects that lack equivalent treasury support or regulatory standing.

What happens next

  • Redemptions for Solana Earn remain paused, but balances in the SwissBorg app are stable and unaffected.
  • Impacted users are being contacted individually via email with reimbursement details.
  • SwissBorg says long‑term operations and finances are not impaired, noting that Solana reserves account for a fraction of its overall $2 billion+ asset base.

The company has said it expects to emerge with stronger infrastructure and lessons learned. A full report will be released after investigations conclude.

Expert editorial view

Security incidents like the SwissBorg Solana Earn exploit highlight how vulnerabilities often arise not from protocol code but from third-party integrations such as APIs and staking providers. This is a recurring theme in blockchain security research, as pointed out by firms like Chainalysis and PeckShield in multiple mid‑year industry reports.

SwissBorg’s immediate coverage of users’ balances with its own treasury funds is a significant reputational safeguard. Many DeFi protocols with smaller reserves have historically left users with partial losses or lengthy recovery processes.

From our newsroom’s analysis, SwissBorg approached the crisis with commendable speed, transparency, and backing by reputable security partners. However, reliance on external staking APIs remains a systemic risk, and unless mitigated, even well-capitalized platforms could face serious reputational and financial damage when exploited again.

In our view, this episode underscores a need for tighter due diligence on counterparty integrations and a warning that user trust in “Earn” products depends not just on yield, but also on how quickly firms can resolve worst‑case scenarios.

Venus Protocol Returns $11.4M to Phishing Victim after Coordinated Recovery | HODL FM
Venus Protocol, a lending platform on BNB Chain and other networks,…
hodl-post-imageHODL FM: The Wildest Ride in the Crypto MarketGunel Ismayilova
hodl-post-image

Disclaimer: All materials on this site are for informational purposes only. None of the material should be interpreted as investment advice. Please note that despite the nature of much of the material created and hosted on this website, HODL FM is not a financial reference resource, and the opinions of authors and other contributors are their own and should not be taken as financial advice. If you require adviceHODL FM strongly recommends contacting a qualified industry professional.