Losses from crypto exploits fell in September but showed the sector’s continuing exposure to large-scale exploits. Data released by blockchain security firm PeckShield showed that attackers drained $127.06 million last month, representing a 22% decline from August’s $163 million. Despite the drop, nearly 20 incidents were reported, indicating ongoing risks across decentralized finance and blockchain platforms.
#PeckShieldAlert September 2025 saw ~20 major crypto exploits, resulting in total losses of $127.06M.
This marks a -22% decrease from August's $163M.In a positive development, ~$13M drained from a Venus user in a #phishing attack has been recovered.
Top 5 Hacks:
🔺 #UXLINK –… pic.twitter.com/ebUYM3Xwnh— PeckShieldAlert (@PeckShieldAlert) October 2, 2025
PeckShield reported that a handful of major breaches accounted for most of September’s total. The largest involved UXLINK, a blockchain-based social networking project, which lost $44.14 million. The attacker manipulated its multisig wallet, minting nearly 10 trillion unauthorized tokens. The incident led to a collapse in UXLINK’s token value, which dropped more than 90% following the exploit.
Investigators found that the hacker continued minting tokens and swapped nearly 9.95 trillion for only 16 ETH, worth about $67,000. Lookonchain confirmed that many of the stolen assets had been frozen with the exchange’s support and that law enforcement agencies had been notified. The project announced a token swap plan while exchanges temporarily suspended trading. PeckShield and Hacken added that the attackers lost over 500 million tokens in a phishing scheme during the operation.
SwissBorg, a well-known wealth management platform, recorded the second-largest attack. The firm disclosed a $41.5 million loss in Solana after hackers breached its partner API provider Kiln. Hackers drained about 192,600 SOL from its Earn program, affecting fewer than 1% of users. SwissBorg pledged to cover affected customers from treasury funds and stated that operations would continue without disruption.
Additional Incidents Across the Sector in Crypto Exploits
Other cases added to September’s total. A phishing scheme targeting a Venus user stole $13.5 million in assets. PeckShield reported that recovery efforts returned about $13 million, making it one of the few cases where victims regained their funds.
Smaller exploits included Yala, which lost $7.64 million, and GriffAI, which reported $3 million in damages. Additional projects such as Nono, Shibarium Bridge, Basset, New Gold Protocol, and SolidifyFund suffered losses ranging between $1 million and $2.4 million. PeckShield also traced movements of stolen Ether, with individual transfers ranging from 443 ETH to 800 ETH, though it remains unclear whether these funds entered mixing services.
2025 on Track for Record Losses
Meanwhile, industry trackers warn that 2025 is shaping up to surpass previous years in total stolen funds. Chainalysis estimated $2.17 billion in thefts during the first half of the year, while CertiK placed the figure at $2.47 billion.
February’s Bybit hack alone accounted for about $1.5 billion. Those numbers have already exceeded the $2.2 billion recorded across all of 2024. With three months remaining in 2025, analysts caution that unless security defenses improve, this year could close as one of the worst in the industry’s history for crypto exploits.
The CoinRemark Team
