On September 8, 2025, unauthorized activity by a threat actor was detected on the Kiln platform. Following the announcement of the incident and our decision to exit Ethereum validators as a precautionary measure, we are sharing an additional public update on the status of our services re-enablement, and the incident’s findings at this stage.
Executive summary
The investigation has determined that the entry point of the attack was the compromise of a GitHub access token belonging to a Kiln infrastructure engineer. Using these credentials, the threat actor was able to run Github Actions CI workloads which enabled them to harvest Kiln infrastructure credentials. Using these credentials, they modified the Kiln Connect API backend controller to return a malicious transaction, which one Kiln enterprise customer signed in their custody solution, causing a loss of funds.
There is no evidence of any other malicious transaction, modification to Kiln systems, or assets stolen from any other Kiln customer beyond the initially identified incident.
As part of our incident response plan, we immediately contained the activity and disabled possibly affected services, and began the rotation of the keys of any possibly affected validator as precautionary measure. We are pleased to report that the Kiln Enterprise Dashboard, dApp, Widget, DeFi and all Kiln Connect API services are once again available, including the deployment of new Ethereum validators. Each service was re-enabled following an in-depth security review and hardening process performed in conjunction with Sygnia and other security partners.
What makes this incident remarkable is the stealth and precision of the techniques employed—methods that evaded every audit and penetration test—highlighting the reality of facing adversaries with methods at the level of state-sponsored actors.
The learnings from this incident have enabled us to strengthen Kiln’s security measures and roadmap across all layers – identity, network, workflows, workloads, key management, and monitoring – making Kiln not only recovered, but stronger.
Incident description
On September 8, 2025, unauthorized activity by a threat actor was detected on the Kiln platform. We immediately engaged Sygnia, a cybersecurity firm, to conduct forensic analysis, containment, and remediation.
The investigation has determined that the entry point of the attack was the compromise of a GitHub access token belonging to a Kiln infrastructure engineer. The malicious actor created and immediately deleted branches to trigger CI/CD (Continuous Integration/Deployment) workflows in our IaC (infrastructure as code) repository. The branches changed a very large number of files to remain hidden.
From the triggered CI workflows, they harvested stored secrets and cloud credentials from these workflows. These credentials granted access to cloud service accounts and production systems across Amazon Web Services (AWS), Google Cloud Platform (GCP), and our bare-metal infrastructure. The threat actor injected a malicious payload into a running Kubernetes pod hosting the Kiln Connect API, modifying the logic of a Kiln API endpoint to return a malicious transaction, in addition to the expected “deactivate stake” transaction. The malicious transaction changed the withdrawal authority of the Solana stakes, only if the existing withdrawal authority of the stake account provided in the POST call held stake balances above 150k SOL.
One Kiln client was directly impacted when they used Kiln Dashboard to unstake one of their SOL stake accounts on August 31st. The malicious transaction was forwarded from Kiln Dashboard to their custody solution, where it was approved by a quorum of signatories in the customer’s custody instance. To avoid any risk of such attacks, Kiln has consistently recommended that customers decode transactions to verify their integrity before signing, as this is best practice for so-called “raw signing” transactions.
Kiln provides a decoding tool for this purpose, which is linked from Kiln Dashboard and documentation. Signing and broadcasting a transaction without decoding may result in a loss of authority over stake accounts, as occurred in this case.
At this time, there is no evidence of any other malicious transaction, modification to Kiln systems, or loss of funds from any other Kiln customers.
The threat actor avoided leaving traces by never writing persistent files, never modifying code in repositories, and never modifying container images or databases. Instead, they relied on stealthy commands run directly inside short-lived workloads in the cloud. To further cover their tracks, these commands were launched from thousands of different IP addresses. By focusing on this method of access, the threat actor was able to operate undetected.
At this time, there is no conclusive evidence of how the compromise of the employee’s Github access token occurred.
Kiln incident response
Upon the unauthorized activity being detected on September 8th, we activated our incident response policy, which included the following actions:
- Engaged with customers, security partners, and law enforcement.
- Shut-down of all possibly affected services, including the rotation of any possibly accessed validator key as a precautionary measure.
- Assessment and confirmation of no other client impact or malicious transactions or other modified change to the infrastructure beyond the initially identified incident.
- Engagement of Sygnia as the primary incident response partner for forensic analysis, containment, eradication, and 24/7 monitoring of our infrastructure, accounts, and accesses. Enhanced monitoring of our environments for unauthorized executions.
- Suspended service accounts and rotated all service account credentials and access keys.
- Comprehensive review of GitHub repositories and workflows for signs of compromise.
- Communications to all customers and press through press release, status page, broadcasts to customers and calls.
Security is and has always been Kiln’s #1 priority. Kiln has been SOC2 Type II compliant for 3 years, with regular infrastructure and software penetration tests, smart contract security audits and bug bounties, onchain monitoring programs, cyber and slashing insurance, and other measures, shared with customers at security.kiln.fi.
For years, well before the attack, the rising threats and the adversarial nature of the crypto industry led us to define a security program above and beyond the requirements of SOC2. This program was strengthened by the learnings from this incident, and today enables us to deliver a hardened security posture across 6 key strategic axes. Together, they don’t just block the techniques used in this incident but they create overlapping, reinforced defenses that raise the bar in the event of any future attempt.
- Zero-Trust Access Plane
Identity-driven access, enforced through predictable and controllable network boundaries. - Trusted Continuous Integration/Deployment (CI/CD) and Infrastructure as code (IaC) Execution
Only hardened, auditable pipelines can modify infrastructure, with no long-lived secrets. - Blast-Radius Isolation and Least Privilege
Strict segmentation and privilege minimization prevent lateral movement. - Application and Container Hardening
Immutable workloads and runtime integrity checks reduce tampering and exploitability. - Continuous Monitoring and Response
Endpoints, clouds, and APIs are continuously scanned, logged, and defended by a 24/7 SOC. - Validator Key Protection
Signing operations are isolated depending on protocol. Keys are secured through hardened workloads. Future enhancement will include confidential computing enclaves, and where supported, threshold-based signatures.
After an extensive review and audit, we're ready to make Kiln Enterprise Dashboard, dApp, Widget, and all Kiln Connect API available again as well as the deployment of new Ethereum validators. The final group of protocols are to be re-enabled on the Enterprise Dashboard the week of October 6th. Kiln Onchain and Kiln DeFi were not affected by the incident and remained available throughout. Kiln Validators remained up and generated rewards throughout the incident. Each service was re-enabled following an in-depth security review and hardening process performed in conjunction with Sygnia and other security partners. We have and continue to share updates on the re-enablement of services on status.kiln.fi.
How you can stay safe
While this incident affected only one customer with a specific circumstance, we want to remind all users of important security practices:
- Always decode transactions before signing — Kiln provides decoding tools to verify transaction integrity before signing.
- Verify withdrawal addresses — Confirm the destination address matches your intended recipient.
- Follow security updates — Stay informed through our official communications channels.
Implement proper signing quorums — For enterprise users, ensure your custody solution requires multiple approvals for high-value transactions.
Looking forward
We are immensely grateful to our customers, security partners, Kilners, and the broader crypto community for their support and reaction to this attack.
Enterprise clients have remained committed to continue building with Kiln, and we remain well-capitalised and focused on long-term resilience, with a clear priority: to keep raising the bar for digital asset infrastructure security.
About Kiln
Kiln is the leading staking and digital asset rewards management platform, enabling institutional customers to earn rewards on their digital assets, or to whitelabel earning functionality into their products. Kiln runs validators on all major PoS blockchains, with over $11 billion in crypto assets being programmatically staked and running over 5% of the Ethereum network on a multi-client, multi-cloud, and multi-region infrastructure. Kiln also provides a validator-agnostic suite of products for fully automated deployment of validators and reporting and commission management, enabling custodians, wallets, and exchanges to streamline staking or DeFi operations across providers. Kiln is SOC2 Type 2 certified.
