Wallet

Crypto Hackers Steal $127 Million in September as 20 Major Exploits Occur

profile-alexey-bondarev
Alexey Bondarev2 hours ago
#Hackers
Crypto Hackers Steal $127 Million in September as 20 Major Exploits Occur

Cryptocurrency platforms lost $127 million to hackers in September 2025, marking a 22% decline from the previous month but continuing what security researchers describe as one of the industry's worst years for digital theft.

What to Know:

  • September saw approximately 20 major crypto exploits totaling $127 million, down from $163 million in August but still representing significant sector vulnerabilities.
  • The largest single breach involved UXLINK, which lost $44 million through wallet manipulation and token minting attacks on Arbitrum.
  • More than $3.1 billion in cryptocurrency has been stolen in 2025's first half alone, exceeding all of 2024's losses and highlighting persistent security failures.

Major Breaches Target Multiple Platforms

PeckShield, a blockchain security firm, identified roughly 20 significant crypto exploits last month. The drop from August's figures offered little comfort to analysts tracking the sector's mounting losses.

UXLINK suffered the month's largest breach at $44 million. Attackers first struck the social Web3 project on Sept. 22, targeting its multi-signature wallet to strip administrative controls and drain $11.3 million. The assault continued as hackers minted billions of new UXLINK tokens on the Arbitrum network, nearly doubling the circulating supply. The token's price collapsed more than 70%. Exchanges including Upbit froze some assets, but most stolen funds remain in attacker-controlled wallets.

SwissBorg, a Swiss wealth management platform, recorded losses of approximately $41.5 million through a supply chain compromise. Hackers exploited Kiln, a third-party service provider managing Solana staking operations.

The breach allowed attackers to control nearly 193,000 SOL by concealing malicious code within what appeared to be routine unstaking transactions.

A phishing operation targeted the Venus lending platform on Sept. 2, resulting in roughly $13 million in losses. The victim joined what they believed was a legitimate Zoom meeting, which enabled attackers to compromise their device and modify wallet credentials. Venus suspended operations temporarily and liquidated the attacker's positions to recover the stolen assets.

Additional September incidents included a $7.6 million exploit of the Yala stablecoin protocol and a $3 million breach at GriffAI.

Understanding Crypto Security Vulnerabilities

Multi-signature wallets require multiple private keys to authorize transactions, theoretically distributing security responsibility among several parties. When attackers compromise these systems, they typically gain control through social engineering or by exploiting flaws in how administrative permissions are structured.

Supply chain attacks target trusted third-party service providers rather than the primary platform. These breaches prove particularly damaging because users assume their funds remain secure when working with established intermediaries. Phishing schemes rely on deceiving users into revealing credentials or granting access through fake communications that mimic legitimate business interactions.

Token minting attacks exploit vulnerabilities in smart contract code to create unauthorized new tokens, diluting existing holdings and crashing market prices. The technique has become increasingly common as attackers identify platforms with inadequate code review processes.

Year Shows Record Criminal Activity

September's decline provided minimal relief in a year that security researchers already rank among the industry's worst. Hacken, another blockchain security firm, reported that thieves stole more than $3.1 billion in cryptocurrency during 2025's first six months. That figure surpassed the entire 2024 total of $2.85 billion. The Bybit exchange breach in the first quarter accounted for $1.5 billion of those losses through what analysts termed massive access control failures.

Security experts identified two persistent problems driving the losses. Attackers continue exploiting backdoors and privileged access points that development teams overlook during security reviews. Users remain vulnerable to social engineering tactics that bypass technical safeguards entirely. Industry analysts warned that without substantial investments in access control systems, independent security audits and user education programs, September's temporary reduction in theft may prove meaningless. The year's trajectory suggests criminal activity targeting cryptocurrency platforms will continue setting records.

Final Thoughts

The cryptocurrency sector faces mounting security challenges despite September's modest decline in theft. Persistent vulnerabilities in access controls and continued success of social engineering attacks indicate systemic problems that temporary improvements cannot mask.

Disclaimer: The information provided in this article is for educational purposes only and should not be considered financial or legal advice. Always conduct your own research or consult a professional when dealing with cryptocurrency assets.
Latest News
Show All News
Tether Pursues $200 Million to Build Gold-Backed Digital Token Vehicle
25 minutes ago
Tether Holdings SA and a financial services firm tied to one of the cryptocurrency industry's largest hardware manufacturers are seeking to raise at least $200 million for a publicly traded vehicle de
XRP Ledger Needs Enhanced Privacy Features Before Institutions Join, Says Garlinghouse
3 hours ago
Ripple CEO Brad Garlinghouse has identified privacy as the critical missing component for institutional adoption of the XRP Ledger, according to conversations shared by an XRP validator. The revelatio
Solana Pullback From $237 High Finds Support as Bulls Maintain Control
4 hours ago
Solana rallied from support levels near $205 and now trades above $220, with the cryptocurrency consolidating recent gains as traders watch whether bulls can push the token past resistance at $232 and
Related News
April 2025 Crypto Losses Surge 1,100% Amid $331M Bitcoin Heist
May 01, 2025
April 2025 has marked a critical inflection point in cryptocurrency security, with total losses from hacks, scams, and exploits skyrocketing to $364 m
January Sees 44% Drop in Crypto Hacks Despite $73M Loss
Jan 31, 2025
In January 2025, the incidence of cryptocurrency cybercrime witnessed a noticeable reduction, with hackers seizing $73 million across 19 incidents—a 4
Crypto Hacks Jump 15%: U.S. Regulator Pushes for Mandatory Refunds
Jan 10, 2025
All through last year, the crypto industry was battered by cyberattacks and hacking incidents, so much so that in 2025 the US regulator has suggested
Crypto Losses From Hacks Decline Over 50% in October, Down 1% YoY
Oct 31, 2024
The crypto world is reeling under loss from cyber attacks and scams this year. Although the amount of losses declined in October, the yearly loss has
Crypto Hacks Exceed $3.1B in 2025 as Access-Control Flaws and AI Threats Mount
Jul 24, 2025
The crypto industry continues to face an unprecedented wave of security breaches in 2025, with more than $3.1 billion in digital assets stolen in the
Related Research Articles
Crypto Fraud in 2025 Hits Record Highs: From YouTube Deepfakes to Pig Butchering Scams
Jul 25, 2025
In 2025, cryptocurrency scams have escalated to unprecedented levels of sophistication and scale. As digital asset markets surged to new highs, frauds
The Liquidity Black Box: How Market Makers Shape Prices on CEXs and DEXs
Sep 27, 2025
Professional crypto market-making now represents a sophisticated ecosystem where firms deploy advanced algorithms, massive capital, and cutting-edge t
Web3 in Africa, LatAm, Southeast Asia and elsewhere: The Real Adoption Stories You're Not Hearing
Sep 13, 2025
Sub-Saharan Africa has become the third-fastest growing cryptocurrency region globally with 52% year-over-year growth, while Latin America achieved 42
Crypto Under Sanctions: How Restricted Nations Are Adopting Bitcoin and Stablecoins
Sep 12, 2025
Sanctioned nations received $15.8 billion in cryptocurrency during 2024, representing 39% of all illicit digital asset transactions globally - a drama
Why Do Crypto Platforms Require KYC? The Real Story Behind Identity Verification and Surveillance
Sep 29, 2025
The cryptocurrency industry faces a fundamental tension: it was founded on principles of financial privacy and censorship resistance, yet operates in
Related Learn Articles
Social Engineering Attacks in Crypto: 10 Proven Tips to Keep Your Digital Assets Safe
May 13, 2025
Social engineering has emerged as the predominant threat vector in the cryptocurrency ecosystem, exploiting human psychology rather than technical vul
Protect Your Crypto Exchange Account: Advanced Security Strategies Explained
May 19, 2025
Social engineering has become the leading threat in the cryptocurrency ecosystem, targeting human behavior instead of technical flaws to breach securi
Can You Split a Bitcoin Private Key? Complete Guide to Crypto Ownership, Inheritance & Legal Issues 2025
Aug 14, 2025
The question of whether you can split a private key in half reflects a deeper challenge facing cryptocurrency holders in 2025: how do you manage share
AI-Enhanced Crypto Fraud: What It Is and How to Avoid It
Apr 24, 2025
Cryptocurrency has always been a fertile ground for fraudsters. In recent years, technological advancements - especially in artificial intelligence -
5 Top Ways to Secure Your Crypto Wallet Against Hackers
Dec 31, 2024
Most of the newbies in crypto urge to buy some tokens and don’t care much about where to keep them. That might be a crucial mistake. Neglecting securi
Crypto Hackers Steal $127 Million in September as 20 Major Exploits Occur | Yellow.com