SwissBorg, a crypto wallet and exchange service, has confirmed that a major security breach allowed attackers to steal Solana (SOL) worth $41.5 million from its staking protocol.
The attack, conducted against the company's SOL Earn programme, was made possible by cybercriminals exploiting an API vulnerability.
Details of the attack
Crypto investigator ZachXBT was the first to inform the community of the ongoing theft, posting a alert message on Telegram in which it spoke of a "serious Solana hack" in progress. SwissBorg immediately responded in the same thread, alerting users that its Solana staking programme had been completely compromised.
SOL Earn Incident & SwissBorg Recovery Plan
- SwissBorg (@swissborg) September 8, 2025
A partner API was compromised, impacting our SOL Earn Program (~193k SOL, <1% of users).
👉 Rest assured, the SwissBorg app remains fully secure and all other funds in Earn programs are 100% safe.
Our recovery plan.
Immediate Actions...
"A partner API has been compromised, impacting our SOL Earn programme (~193,000 SOLs, &l;1% of users). Rest assured that the SwissBorg app remains completely secure, and all other funds in the Earn programmes are 100% protected," SwissBorg stated on X.
Subsequently, the company confirmed that the hack only affected the SOL Earn programme. Nevertheless, the losses for the company are expected to be significant, as SwissBorg has been among Solana's most vocal supporters in recent years. CEO Cyrus Fazel had even praised SOL's bullish outlook in an interview in 2024.
On-chain data from Arkham Intelligence indicate that SwissBorg held $72.6 million in Solana prior to the attack. If confirmed, the hackers would have been able to drain well over half of the company's total SOL reserves. The SOL Earn programme accounted for about 1% of the user base before the attack, so it is not yet clear to what extent the incident impacted the platform as a whole. However, a loss of this magnitude will inevitably affect the company's treasury.
SwissBorg has confirmed that it will reimburse customers using its own funds, to return a 'significant portion' of their balances. Without an effective recovery, however, the platform has admitted that it will not be able to fully reimburse all affected users.
Consequences for the industry
Hacks based on API exploits are becoming an increasingly common attack vector in the crypto industry. Even when a platform's internal security measures are robust, partner integrations can be a weak point. A recent JavaScript exploit has shaken up the industry, highlighting the inherent risks of such collaborations.
ZachXBT, which has been warning the community for months of the arrival of a 'criminal super-cycle', described the exploit against SwissBorg as the work of highly organised cyber criminals, capable of stealing millions from digital asset platforms.
Recovery plans
SwissBorg said it will be transparent in its investigation of the theft. The CEO, Cyrus Fazel, scheduled a live broadcast in the afternoon to outline the company's future plans.
In the meantime, blockchain investigators and white-hat hackers are tracking the movement of stolen funds to support recovery operations. Although the effectiveness of crypto crime prevention remains debatable, the incident will likely add to the demand for greater security for platforms and their ecosystems.
