In September 2025, the cryptocurrency industry experienced a total of $127.06 million in losses due to various hacks, as reported by blockchain security firm PeckShield. While this figure represents a 22% decrease from August’s total of $163 million, it is still a significant amount that highlights the ongoing challenges faced by the sector. Despite the decline in losses, nearly 20 major exploits were recorded during the month, underscoring the persistent threat of large-scale attacks on decentralized finance (DeFi) and blockchain platforms.
PeckShield shared its findings in a post on X, emphasizing the continued risk posed by cybercriminals targeting crypto assets. The data revealed that the majority of September’s losses were concentrated in a few major incidents, with UXLINK and SwissBorg emerging as the top targets. UXLINK, a blockchain-based social networking platform, suffered the largest attack of the month, resulting in a loss of $44.14 million. The hacker exploited the platform’s multisig wallet to mint unauthorized tokens, causing UXLINK’s token value to plummet by over 90%.
Following the attack, UXLINK took immediate action by notifying exchanges and law enforcement, freezing deposits, and implementing a token swap plan. The hacker continued to mint tokens and sell them on various platforms, ultimately exchanging a large amount for a minimal sum. In a twist of fate, the attacker fell victim to a phishing scam, losing 500 billion tokens during the exploit.
SwissBorg, a prominent wealth management app in the crypto space, was also targeted in September, with hackers siphoning off $41.5 million in Solana. The breach occurred through the compromise of partner API provider Kiln, leading to the draining of funds from the platform’s Earn program. SwissBorg reassured users that only a small percentage were affected and pledged to compensate them using treasury funds.
In addition to these major hacks, a phishing attack on a Venus user resulted in $13.5 million in stolen assets. However, PeckShield reported that $13 million of the stolen funds were successfully recovered, marking a rare instance where victims were able to reclaim their losses. Other incidents in September included Yala, GriffAI, Nono, Shibarium Bridge, Basset, New Gold Protocol, and SolidifyFund, each experiencing varying degrees of financial loss.
Looking at the broader trend of crypto hacks in 2025, September’s figures indicate that the industry is on track for a record-breaking year in terms of security breaches. While the decrease from August provides some temporary relief, the cumulative losses throughout the year have already surpassed those of previous years. Analysts warn that unless significant improvements are made to industry-wide defenses, 2025 could surpass the peak of 2022’s DeFi exploits in terms of total losses.
In conclusion, the cryptocurrency sector continues to grapple with the persistent threat of cyber attacks, highlighting the importance of robust security measures and proactive risk management strategies. Stay informed and vigilant to protect your assets in this ever-evolving digital landscape.