Cryptocurrency platforms lost $127 million to hackers in September 2025, marking a 22% decline from the previous month but continuing what security researchers describe as one of the industry's worst years for digital theft.
What to Know:
- September saw approximately 20 major crypto exploits totaling $127 million, down from $163 million in August but still representing significant sector vulnerabilities.
- The largest single breach involved UXLINK, which lost $44 million through wallet manipulation and token minting attacks on Arbitrum.
- More than $3.1 billion in cryptocurrency has been stolen in 2025's first half alone, exceeding all of 2024's losses and highlighting persistent security failures.
Major Breaches Target Multiple Platforms
PeckShield, a blockchain security firm, identified roughly 20 significant crypto exploits last month. The drop from August's figures offered little comfort to analysts tracking the sector's mounting losses.
UXLINK suffered the month's largest breach at $44 million. Attackers first struck the social Web3 project on Sept. 22, targeting its multi-signature wallet to strip administrative controls and drain $11.3 million. The assault continued as hackers minted billions of new UXLINK tokens on the Arbitrum network, nearly doubling the circulating supply. The token's price collapsed more than 70%. Exchanges including Upbit froze some assets, but most stolen funds remain in attacker-controlled wallets.
SwissBorg, a Swiss wealth management platform, recorded losses of approximately $41.5 million through a supply chain compromise. Hackers exploited Kiln, a third-party service provider managing Solana staking operations.
The breach allowed attackers to control nearly 193,000 SOL by concealing malicious code within what appeared to be routine unstaking transactions.
A phishing operation targeted the Venus lending platform on Sept. 2, resulting in roughly $13 million in losses. The victim joined what they believed was a legitimate Zoom meeting, which enabled attackers to compromise their device and modify wallet credentials. Venus suspended operations temporarily and liquidated the attacker's positions to recover the stolen assets.
Additional September incidents included a $7.6 million exploit of the Yala stablecoin protocol and a $3 million breach at GriffAI.
Understanding Crypto Security Vulnerabilities
Multi-signature wallets require multiple private keys to authorize transactions, theoretically distributing security responsibility among several parties. When attackers compromise these systems, they typically gain control through social engineering or by exploiting flaws in how administrative permissions are structured.
Supply chain attacks target trusted third-party service providers rather than the primary platform. These breaches prove particularly damaging because users assume their funds remain secure when working with established intermediaries. Phishing schemes rely on deceiving users into revealing credentials or granting access through fake communications that mimic legitimate business interactions.
Token minting attacks exploit vulnerabilities in smart contract code to create unauthorized new tokens, diluting existing holdings and crashing market prices. The technique has become increasingly common as attackers identify platforms with inadequate code review processes.
Year Shows Record Criminal Activity
September's decline provided minimal relief in a year that security researchers already rank among the industry's worst. Hacken, another blockchain security firm, reported that thieves stole more than $3.1 billion in cryptocurrency during 2025's first six months. That figure surpassed the entire 2024 total of $2.85 billion. The Bybit exchange breach in the first quarter accounted for $1.5 billion of those losses through what analysts termed massive access control failures.
Security experts identified two persistent problems driving the losses. Attackers continue exploiting backdoors and privileged access points that development teams overlook during security reviews. Users remain vulnerable to social engineering tactics that bypass technical safeguards entirely. Industry analysts warned that without substantial investments in access control systems, independent security audits and user education programs, September's temporary reduction in theft may prove meaningless. The year's trajectory suggests criminal activity targeting cryptocurrency platforms will continue setting records.
Final Thoughts
The cryptocurrency sector faces mounting security challenges despite September's modest decline in theft. Persistent vulnerabilities in access controls and continued success of social engineering attacks indicate systemic problems that temporary improvements cannot mask.