Wallet

Crypto Hackers Steal $127 Million in September as 20 Major Exploits Occur

profile-alexey-bondarev
Alexey BondarevOct, 06 2025 8:07
#Hackers
Crypto Hackers Steal $127 Million in September as 20 Major Exploits Occur

Cryptocurrency platforms lost $127 million to hackers in September 2025, marking a 22% decline from the previous month but continuing what security researchers describe as one of the industry's worst years for digital theft.

What to Know:

  • September saw approximately 20 major crypto exploits totaling $127 million, down from $163 million in August but still representing significant sector vulnerabilities.
  • The largest single breach involved UXLINK, which lost $44 million through wallet manipulation and token minting attacks on Arbitrum.
  • More than $3.1 billion in cryptocurrency has been stolen in 2025's first half alone, exceeding all of 2024's losses and highlighting persistent security failures.

Major Breaches Target Multiple Platforms

PeckShield, a blockchain security firm, identified roughly 20 significant crypto exploits last month. The drop from August's figures offered little comfort to analysts tracking the sector's mounting losses.

UXLINK suffered the month's largest breach at $44 million. Attackers first struck the social Web3 project on Sept. 22, targeting its multi-signature wallet to strip administrative controls and drain $11.3 million. The assault continued as hackers minted billions of new UXLINK tokens on the Arbitrum network, nearly doubling the circulating supply. The token's price collapsed more than 70%. Exchanges including Upbit froze some assets, but most stolen funds remain in attacker-controlled wallets.

SwissBorg, a Swiss wealth management platform, recorded losses of approximately $41.5 million through a supply chain compromise. Hackers exploited Kiln, a third-party service provider managing Solana staking operations.

The breach allowed attackers to control nearly 193,000 SOL by concealing malicious code within what appeared to be routine unstaking transactions.

A phishing operation targeted the Venus lending platform on Sept. 2, resulting in roughly $13 million in losses. The victim joined what they believed was a legitimate Zoom meeting, which enabled attackers to compromise their device and modify wallet credentials. Venus suspended operations temporarily and liquidated the attacker's positions to recover the stolen assets.

Additional September incidents included a $7.6 million exploit of the Yala stablecoin protocol and a $3 million breach at GriffAI.

Understanding Crypto Security Vulnerabilities

Multi-signature wallets require multiple private keys to authorize transactions, theoretically distributing security responsibility among several parties. When attackers compromise these systems, they typically gain control through social engineering or by exploiting flaws in how administrative permissions are structured.

Supply chain attacks target trusted third-party service providers rather than the primary platform. These breaches prove particularly damaging because users assume their funds remain secure when working with established intermediaries. Phishing schemes rely on deceiving users into revealing credentials or granting access through fake communications that mimic legitimate business interactions.

Token minting attacks exploit vulnerabilities in smart contract code to create unauthorized new tokens, diluting existing holdings and crashing market prices. The technique has become increasingly common as attackers identify platforms with inadequate code review processes.

Year Shows Record Criminal Activity

September's decline provided minimal relief in a year that security researchers already rank among the industry's worst. Hacken, another blockchain security firm, reported that thieves stole more than $3.1 billion in cryptocurrency during 2025's first six months. That figure surpassed the entire 2024 total of $2.85 billion. The Bybit exchange breach in the first quarter accounted for $1.5 billion of those losses through what analysts termed massive access control failures.

Security experts identified two persistent problems driving the losses. Attackers continue exploiting backdoors and privileged access points that development teams overlook during security reviews. Users remain vulnerable to social engineering tactics that bypass technical safeguards entirely. Industry analysts warned that without substantial investments in access control systems, independent security audits and user education programs, September's temporary reduction in theft may prove meaningless. The year's trajectory suggests criminal activity targeting cryptocurrency platforms will continue setting records.

Final Thoughts

The cryptocurrency sector faces mounting security challenges despite September's modest decline in theft. Persistent vulnerabilities in access controls and continued success of social engineering attacks indicate systemic problems that temporary improvements cannot mask.

Disclaimer: The information provided in this article is for educational purposes only and should not be considered financial or legal advice. Always conduct your own research or consult a professional when dealing with cryptocurrency assets.
Latest News
Show All News
SharpLink Gaming Emerges as Major Ethereum Accumulator with $1.65 Billion Treasury Strategy
Aug 14, 2025
SharpLink Gaming is rapidly accumulating Ethereum at what industry observers describe as an unprecedented pace, positioning itself to potentially surpass established corporate treasury holders in both
Crypto Analyst Reverses XRP Flippening Prediction As Ethereum Surges 239% From April Lows
Aug 14, 2025
A prominent cryptocurrency analyst who previously predicted XRP could overtake Ethereum in market capitalization has abandoned that forecast after Ethereum's dramatic recovery widened the gap between
Massive 320 Million XRP Purchase by Whales Signals Potential Price Surge
Aug 14, 2025
Large-scale cryptocurrency investors have accumulated 320 million XRP tokens worth approximately $1 billion over the past three days, according to market data that suggests renewed institutional inter
Pi Coin Drops To Near All-Time Low As Bitcoin Correlation Falls To 0.52
Aug 14, 2025
Pi Coin continued its descent toward rock bottom Tuesday, trading at $0.40 while its correlation with Bitcoin dropped to just 0.52, signaling a troubling disconnect from the broader cryptocurrency mar
Shiba Inu Breaks Bullish Triangle Pattern As Exchange Supply Drops 1% In August
Aug 14, 2025
Shiba Inu has broken out of a bullish symmetrical triangle pattern while posting a 4% daily gain and 15% weekly surge, though conflicting on-chain metrics suggest the rally faces uncertainty as exchan
Chainlink Surges 50% in Two Weeks as Real-World Asset Market Tops $25 Billion
Aug 14, 2025
Chainlink has emerged as a standout performer in the cryptocurrency market, posting a 50% gain over two weeks as the real-world asset tokenization sector expands beyond $25 billion. The oracle network
Ethereum Whales Execute $1.8 Billion Buying Spree as Price Nears $4,800 Record High
Aug 14, 2025
Ethereum is trading at $4,741, positioning itself just 2.7% below its November 2021 all-time high of $4,800, while major investors execute significant trades worth hundreds of millions of dollars. The
Crypto Exchange Bullish Soars 150% in $13.2 Billion NYSE Debut
Aug 14, 2025
Cryptocurrency exchange operator Bullish reached a valuation of approximately $13.16 billion Wednesday after shares more than doubled during the company's debut on the New York Stock Exchange. The sur