SwissBorg

On September 8, 2025, SwissBorg—a Swiss crypto wealth management platform with 850k+ users—lost $41M (192,600 SOL) in a supply chain attack exploiting Kiln’s API for its SOL Earn staking program, where a concealed malicious unstaking tx (buried authorizations) transferred control of staking accounts to attacker wallets, draining funds split across Solana (dormant) and Ethereum (bridged via Wormhole/Mayan, laundered via Tornado Cash/FixedFloat/deBridge). ZachXBT flagged; SwissBorg contained by pausing SOL redemptions (other Earn/app unaffected, <1% users hit, 2% assets), pledged full treasury reimbursements, and launched recovery with white-hats/law enforcement/exchanges (some txs blocked). Amid September’s $163M hacks (PeckShield), this “Bybit v2″—third-party mimicry—exposes API risks in staking infra, urging tx simulation, vendor audits, and multi-sig controls to avert $41M drains in 2025’s $3.1B H1 losses.