SwissBorg Crypto Platform Hacked for Over $41M Amid Massive Supply Chain Attack - Here’s What You Need to Know

SwissBorg's infrastructure just got rocked by a sophisticated supply chain attack—resulting in one of the largest crypto heists of the year.

How It Went Down

The attackers exploited a third-party service provider, bypassing multiple layers of security and making off with more than $41 million in digital assets. The breach wasn’t just a hit on SwissBorg; it’s a stark reminder that in crypto, your stack is only as secure as the weakest link in the chain.

No internal systems were directly compromised, but sometimes it doesn’t matter—outsourced tools can become your downfall.

Response & Recovery

The team has temporarily suspended withdrawals and is working with blockchain forensic firms to trace the funds. User assets held in cold storage remain untouched, but hot wallet operations took the full blow.

Regulators are already circling—expect some strongly worded letters and maybe a fine, because nothing says 'security' like punitive action after the fact.

Big Picture

Supply chain attacks are becoming the go-to move for high-level threat actors. This isn’t some amateur phishing scam—it’s organized, well-funded, and frighteningly effective.

If there’s a silver lining, it’s this: the attack targeted the platform, not individual users. But let’s be real—when a centralized service gets popped for $41M, everyone feels the heat. Maybe it’s time to ask whether your crypto is safer in your own wallet than on yet another yield-chasing platform. Just a thought.

Crypto asset holders are under siege today as on-chain sleuths reported the largest supply chain attack potentially affecting all blockchains. Charles Guillemet, the CTO at Ledger, announced the massive supply chain attack, which has been in progress and likely still in effect. 

Guillemet noted that the NPM account of a reputable developer has been compromised, with the affected packages consisting of more than 1 billion downloads. With the entire JavaScript ecosystem likely at risk, Guillemet has cautioned crypto users to refrain from making any transactions for now. 

“If you use a hardware wallet, pay attention to every transaction before signing and you’re safe. If you don’t use a hardware wallet, refrain from making any on-chain transactions for now. It’s still unclear whether the attacker is also stealing seeds from software wallets directly at this stage,” Guillemet noted.

Crypto Developers’ Response to Today’s Supply Chain Attack

According to MetaMask developers the massive supply chain attack, which has a malicious code attempting to steal users’ funds in several ways, has not affected its customers. 

“The malicious code attempts to steal crypto in a variety of ways. However, we have not seen any reports of crypto actually being stolen. We will continue to monitor closely. As always, stay SAFE and don’t click links,” MetaMask team noted.

Meanwhile, crypto developer Rezo stated that the use of software execution creates an inevitable point of failure thus advocating for cryptocurrency holders to use hardware wallets.

Was SwissBorg a Victim?

Earlier on Monday, on-chain security analyst ZachXBT reported that Switzerland-based crypto platform SwissBorg was hacked for 192,600 solana (SOL) coins, valued at nearly $42 million. According to SwissBorg, its partner API was compromised, thus impacting the SOL Earn Program.
At the time of this writing, there was no direct connection between the two hacks.

Meanwhile, SwissBorg announced that it plans to make all impacted customers whole again.