Crypto Hack Losses Drop 37% in Q3 as Focus Shifts to Wallet Attacks

The third quarter of 2025 was a excellent time for the, as losses from hacks and exploits fell by almost 37% to $509 million. This number represents a significant decline from the $803 million reported in Q2 and a substantial 70% decrease from the first quarter, when poor actors stole approximately $1.7 billion.

Change in Hacker Strategies: Wallets and Operational Breaches

Over the past several quarters, most attacks have focused on smart contract vulnerabilities. However, in Q3, attackers shifted their focus to stealing wallets and carrying out complex . The amount of money lost because of code flaws dropped substantially, from $272 million in Q2 to just $78 million in Q3. Interestingly, losses from also decreased over this period, despite hackers conducting a similar number of attacks.

September Sets Record for High-Value Events

Even if the quarterly figures were excellent, September stood out as a clear exception. It set a new monthly record for high-value hacking, with 16 diverse instances each costing more than $1 million in losses. 

This is the most significant loss ever recorded in a single month. In March 2024, there were 14 million-dollar hacks, which is the most ever. Still, the average number of large-scale occurrences per month so far in 2025 is down to about six, from more than eight in both 2023 and 2024.

Targets: platforms and DeFi Projects

This quarter, were the most hacked, losing a total of $182 million. Attackers employed advanced phishing and social engineering techniques to compromise multisig and hot wallets. 

Decentralized finance (DeFi) initiatives came in second, losing $86 million. The GMX v1 event, in which $40 million was stolen and then returned for a $5 million prize, was a prominent example of this. New blockchain ecosystems, such as , have also been targeted by novel types of attacks, including the well-known HyperVault hack and the HyperDrive rug pull.

North Korea: A largeger Threat

Security experts say that s cyber forces remain the largegest threat in the field, accounting for around half of the losses in the third quarter. Hackers are employing increasingly sophisticated methods to break into systems, moving beyond simple phishing schemes.

Because of this, industry experts are advising centralised platforms and users, especially those exploring new blockchain ecosystems, to enhance their operational security and due diligence, or risk becoming simple targets.

Even if there were more million-dollar attacks in the last three months, the overall drop in losses and the 71% decrease in code-level exploits indicate that efforts to make protocol codebases more secure are yielding results. The evolving nature of attacks underscores the importance of remaining vigilant, especially as hackers adopt new methods. This makes operational security a top concern for the rest of 2025.