A third-party API vulnerability has led to a $41 million hack at SwissBorg, highlighting the growing threat of infrastructure-level exploits. Just 1% of users were impacted, but the breach shows how even well-established platforms remain vulnerable when relying on external providers.
Meanwhile, in Washington, the US Treasury is exploring ways to monitor stablecoin transactions, potentially turning them into a new surveillance tool under the GENIUS Act. Analysts say the effort to fight illicit finance could come at the cost of individual privacy.
And in Eastern Europe and Central Asia, Belarus and Kazakhstan are doubling down on state-backed crypto strategies. Belarus is pushing regulators to finalize long-delayed digital asset rules, while Kazakhstan plans to launch a national crypto reserve and digital asset hub by 2026.
SwissBorg hacked for $41M SOL after third-party API compromise
Hackers drained 193,000 SOL (worth around $41 million) from SwissBorg’s Solana Earn program after exploiting a vulnerability in the API of Kiln, a third-party staking infrastructure provider. The compromised API allowed attackers to manipulate requests and siphon off funds without affecting SwissBorg’s main app or other Earn products.
SwissBorg confirmed that only about 1% of users and 2% of total assets were impacted. The company pledged to reimburse affected users and noted it has sufficient treasury reserves to do so. CEO Cyrus Fazel described it as “a bad day,” but emphasized that operations remain stable and secure. Some stolen funds have already been blocked with the help of international agencies and exchanges.
Get the full breakdown of global crypto crime shifts in our recently published Hacks & Scams Report 2025.
Why this matters:
As the crypto industry becomes increasingly interconnected, third-party vulnerabilities are becoming a growing risk vector. This incident reminds us that even well-funded and security-conscious platforms can be exposed through partners. Firms must regularly audit and stress-test their integrations—not just their own infrastructure—to mitigate these hidden threats.
Read more on Cointelegraph
The US explores stablecoin surveillance tools amid privacy tensions
The US Treasury Department is exploring ways to monitor stablecoin transactions as part of its digital asset risk mitigation efforts.
In a public request for comment released on August 18, Treasury invited proposals on how to detect illicit finance risks involving digital assets, including the use of APIs, AI, and identity verification tools. The initiative falls under the GENIUS Act, signed by President Trump in July 2025, which treats stablecoin issuers as financial institutions.
While the administration previously banned central bank digital currencies (CBDCs) over privacy concerns, analysts argue that the government’s push to deanonymize stablecoin transactions may have similar implications. Economists at the Bank for International Settlements have also proposed an AML compliance score for crypto transactions, raising fears among critics that these efforts could mirror social credit-style systems.
Meanwhile, former CFTC chair Timothy Massad has suggested zero-knowledge digital credentials could offer a compromise, allowing regulators access without exposing data publicly. However, others argue that any meaningful enforcement will inevitably involve some level of privacy concession.
Why this matters:
The U.S. is at a crossroads between financial innovation and surveillance. While stablecoins are often promoted as a privacy-preserving alternative to CBDCs, recent moves by regulators suggest that monitoring and control mechanisms may be applied regardless of the format. The debate around how to balance compliance and civil liberties is heating up, and the outcome will shape the future of on-chain finance.
Read more on Crypto.News
Belarus and Kazakhstan ramp up national crypto strategies
Belarus and Kazakhstan, both emerging crypto markets, are accelerating efforts to embed crypto into their national financial systems, but with slightly different goals.
In Belarus, President Alexander Lukashenko has urged regulators to finalize long-delayed digital asset rules. Despite signing a landmark decree in 2017 that legalized crypto activity through the Hi-Tech Park (HTP) economic zone, Lukashenko says the legal system hasn’t kept pace with technological progress. A recent inspection revealed violations at crypto platforms and unreturned investor funds sent abroad, prompting calls for “transparent rules of the game” to reassure both local and foreign firms operating in Belarus.
Lukashenko has previously floated the idea of using the country’s surplus electricity for national crypto mining and continues to frame Belarus as a “digital haven”, provided the legal framework can catch up.
Meanwhile, in Kazakhstan, President Kassym-Jomart Tokayev has laid out a more proactive plan. The country aims to launch a State Digital Asset Fund by 2026, holding a reserve of top cryptocurrencies and tokenized assets under the National Bank’s investment arm. Tokayev’s wider vision includes a digital currency (the digital tenge, already in use), and a new smart city project dubbed CryptoCity, where everyday payments for groceries, transit, and public services will be fully digitized.
Kazakhstan is also home to Central Asia’s first Bitcoin ETF and remains a significant player in Bitcoin mining, though it has faced issues with energy shortages and illegal operations in the past.
Why this matters:
While many countries remain cautious, Belarus and Kazakhstan are doubling down on crypto as a core pillar of future finance. Belarus wants to shore up trust in its early pro-crypto framework, while Kazakhstan is charging ahead with national reserves, digital currencies, and infrastructure. Together, they highlight two different models for state-level crypto integration; one catching up, the other racing ahead.
