Understanding the Solana Theft and SwissBorg’s Response Measures

Switzerland -based crypto platform SwissBorg confirmed Solana theft on September 8, 2025, that it lost about $41 million worth of Solana (192,600 SOL) after hackers exploited a vulnerability in the system of its staking partner, Kiln.

The company clears that the theft did not affect the SwissBorg app or other Earn programs. Instead, attackers target an API connection used in the SOL earn program, which lets users deposit SOL to earn staking rewards.

Source: SwissBorg

What Happened: A Crux View

• The Solana theft occurred on the external DeFi wallet managed with Kiln.

• Around 2% of the Company's total assets and less than 1% of users were affected.

• Blockchain data shows the stolen funds were moved to a wallet now labeled the “SwissBorg Exploiter.”

Leader in Front: Company’s Response

SwissBorg CEO Cyrus Fazel said, “it was a bad day, but not a fatal blow.” In the progressive move, the company states that it will cover all the user losses using its SOL treasury while SOL earn redemptions are being closed temporarily.

Working with white-hat hackers, security firms, exchanges, and law enforcement to trace and recover funds have been started. On the other hand,  normal operations with other Earn strategies will continue un-effectively.

Third Party Opening Vulnerabilities: Cases on Rise

On the same day of the Solana theft on SwissBorg, another major security scare occurred. A supply chain attack connected to NPM software libraries, tools that many blockchain and crypto projects use to build their apps, found altered with malicious codes to sneak in through trusted third party software.

Not only this, if we talk about previous major cases including Venus Protocol Phishing Attack , Lykke crypto hack , BigOne Exchange Attack , NimDoor Malware , and many more become the victims of third party vulnerabilities or prone areas that acted as an entering door.

Need: Can’t be Completely Vanished

Although most of the time attacks like here in Solana theft take place by targeting the major platforms, third party connections or supply doors. But the fact of this collaboration’s need or involvement for the project's smooth, efficient working can’t be denied.

The current situations are asking for more strong vigilances and the protective door keepers for the network inflow and outflows. Developed and updated protocols and systems could act as the saviour.