Briefing

SwissBorg’s Solana Earn program suffered a significant security incident on September 8, 2025, resulting in the theft of approximately 193,000 SOL tokens, valued at $41 million. The breach originated from a compromised API belonging to Kiln, a staking infrastructure partner, enabling unauthorized fund withdrawals from user deposits. This incident underscores the inherent risks associated with integrating third-party services into decentralized finance ecosystems. SwissBorg has committed to fully reimbursing all affected users from its treasury.

Context

Before this event, DeFi protocols that rely on external services already presented a broad attack surface. Integrations with third-party APIs add vectors for compromise that smart contract-centric security models often overlook. Centralized points of failure within decentralized systems, such as administrative keys or compromised API endpoints, frequently expose protocols to substantial financial risk.

Analysis

The incident leveraged a critical vulnerability within Kiln’s API, the software bridge connecting SwissBorg’s application to the Solana staking network. Attackers manipulated requests through this compromised API, gaining unauthorized access to and control over funds within the Solana Earn program. This attack circumvented direct smart contract vulnerabilities, exploiting an operational security flaw in the data exchange layer. The illicitly obtained funds were subsequently routed to a Solana wallet identified as the “SwissBorg Exploiter.”

Parameters

  • Exploited Protocol → SwissBorg Solana Earn program
  • Vulnerability → Third-party API compromise (Kiln)
  • Financial Impact → $41 Million (193,000 SOL)
  • Blockchain Affected → Solana
  • Attack Date → September 8, 2025
  • Attacker Wallet → Solscan-labeled “SwissBorg Exploiter”
  • Mitigation Response → User reimbursement, active investigation, Kiln exiting Ethereum validators

Outlook

Immediate mitigation requires users to remain vigilant regarding third-party service permissions and to monitor official announcements for security updates. This incident will likely drive a re-evaluation of API security protocols and supply chain risk management across the DeFi sector. Protocols integrating external services must implement more robust validation mechanisms and multi-layered security controls to prevent similar API-based exploits. The industry must establish new best practices for assessing and managing third-party dependencies.
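One form the validation called for above can take is a pre-signing policy check: the integrating platform decodes every transaction its staking provider's API returns and refuses to sign anything outside an explicit allowlist. The sketch below is an added example, not code from SwissBorg, Kiln or the original report, and it is not a reconstruction of the incident. The decoded-instruction dictionary shape, the policy fields and all `*_PLACEHOLDER` keys are assumptions; the two program IDs are Solana's native Stake and System programs.

```python
# Keys ending in _PLACEHOLDER are constructed; the two program IDs are Solana's native ones.
STAKE_PROGRAM = "Stake11111111111111111111111111111111111111"
SYSTEM_PROGRAM = "11111111111111111111111111111111"
CUSTODY, TREASURY, UNKNOWN = "CUSTODY_PLACEHOLDER", "TREASURY_PLACEHOLDER", "UNKNOWN_PLACEHOLDER"

POLICY = {
    "allowed": {  # program -> instruction types this integration expects to sign
        STAKE_PROGRAM: {"Initialize", "DelegateStake", "Deactivate", "Withdraw"},
        SYSTEM_PROGRAM: {"CreateAccount"},
    },
    "custody_keys": {CUSTODY},
    "withdraw_destinations": {TREASURY},
}

def violations(decoded_tx, policy=POLICY):
    """Return reasons to refuse signing; an empty list means the transaction fits policy."""
    found = []
    for i, ix in enumerate(decoded_tx["instructions"]):
        program, kind, args = ix["program"], ix["type"], ix.get("args", {})
        allowed_kinds = policy["allowed"].get(program)
        if allowed_kinds is None:
            found.append(f"ix {i}: program {program} is not allowlisted")
        elif kind not in allowed_kinds:
            found.append(f"ix {i}: {kind} is not permitted on {program}")
        elif kind == "Initialize":
            # Initialize sets staker and withdrawer; both must stay under custody control.
            for role in ("staker", "withdrawer"):
                if args.get(role) not in policy["custody_keys"]:
                    found.append(f"ix {i}: {role} {args.get(role)} is not a custody key")
        elif kind == "Withdraw" and args.get("to") not in policy["withdraw_destinations"]:
            found.append(f"ix {i}: withdraw destination {args.get('to')} is not allowlisted")
    return found

# Constructed samples: the transaction the integration asked for, and an altered response.
EXPECTED_TX = {"instructions": [
    {"program": SYSTEM_PROGRAM, "type": "CreateAccount"},
    {"program": STAKE_PROGRAM, "type": "Initialize",
     "args": {"staker": CUSTODY, "withdrawer": CUSTODY}},
    {"program": STAKE_PROGRAM, "type": "DelegateStake"},
]}
ALTERED_TX = {"instructions": [
    {"program": STAKE_PROGRAM, "type": "Authorize",
     "args": {"new_authority": UNKNOWN, "role": "withdrawer"}},
    {"program": STAKE_PROGRAM, "type": "Withdraw", "args": {"to": UNKNOWN}},
]}

if __name__ == "__main__":
    for name, tx in (("expected", EXPECTED_TX), ("altered", ALTERED_TX)):
        print(name, violations(tx) or "ok to sign")
```

In a real integration the dictionaries would come from decoding the serialized transaction with a Solana SDK, and the check would run inside the signing service so that a compromised upstream API cannot bypass it.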

Verdict

This API compromise on a critical staking partner fundamentally redefines the scope of supply chain risk within decentralized finance, demanding immediate and comprehensive re-architecture of external service integrations.

Signal Acquired from → Cointelegraph

Micro Crypto News Feeds

decentralized finance

Definition ∞ Decentralized finance, often abbreviated as DeFi, is a system of financial services built on blockchain technology that operates without central intermediaries.

decentralized

Definition ∞ Decentralized describes a system or organization that is not controlled by a single central authority.

swissborg

Definition ∞ SwissBorg is a digital asset wealth management platform that offers users a streamlined way to invest in and manage cryptocurrencies.

solana

Definition ∞ Solana is a high-performance blockchain platform designed to support decentralized applications and cryptocurrencies with exceptional speed and low transaction costs.

api compromise

Definition ∞ An API compromise occurs when an unauthorized party gains access to an Application Programming Interface.

kiln

Definition ∞ 'Kiln' in the cryptocurrency domain can refer to a specialized hardware device or a specific type of smart contract used for minting or creating new digital assets, particularly NFTs.

supply chain risk

Definition ∞ Supply chain risk refers to the potential for disruptions or vulnerabilities within the network of organizations, people, activities, information, and resources involved in moving a product or service from supplier to customer.

supply chain

Definition ∞ A supply chain is the network of all the individuals, companies, resources, activities, and technologies involved in the creation and sale of a product, from the delivery of source materials from the supplier to the manufacturer, through to its eventual sale to the end consumer.