Crypto Hacks Cost $127M in September, an Encouraging Decline From 22% in August
The cryptocurrency industry has recorded a notable dip in losses from hacks and exploits, causing a moment of relief in a year where users have experienced high-profile crypto hacks. According to data from blockchain security firm PeckShield, over was drained from decentralized finance (DeFi) protocols and users in September 2025. This represents a 22% decline from August’s $163 million tally.
While the figures suggest improved defenses and greater awareness among traders and developers, experts warn that and their perpetrators are far from retreating. With October ushering in the historically volatile “ember months,” the industry may face fresh waves of attack attempts, underscoring the need for continuous vigilance.
Major Crypto Hacks Still Shake Confidence
As reported by PeckShield, September’s total losses came from around 20 crypto hacks. The most damaging was the UXLINK crypto hack, which wiped out approximately $44.14 million, followed by the SwissBorg incident that cost $41.5 million.
September 2025 saw ~20 major crypto exploits, resulting in total losses of $127.06M.
This marks a -22% decrease from August’s $163M.In a positive development, ~$13M drained from a Venus user in a attack has been recovered.
Top 5 Hacks:
–…
— PeckShieldAlert (@PeckShieldAlert)
Other attacks included a phishing scam targeting a Venus Protocol user, resulting in a $13.5 million theft, though parts of that were eventually recovered. Smaller-scale losses were scattered across various DeFi platforms, underscoring the persistence of vulnerabilities throughout the ecosystem.
Compared to August, which saw larger-scale crypto hacks, September’s exploits were more scattered, suggesting protocols may be learning from prior incidents and improving their security. The steady decline in overall losses could also be a result of an increasingly mature crypto security landscape, where audits, bug bounties, and better frameworks are reducing the success rate of malicious attackers.
Taken together, these developments reflect a sector growing more resilient against threats that once crippled projects and destroyed user trust. However, these major breaches still dampen the confidence of crypto users, especially active players in the DeFi space, who rely on (DEXs) and similar platforms for their activities.
“Ember” Months Call For Stronger Security Practices
Despite the month-on-month decline in crypto hacks, analysts stress that the crypto sector remains a prime target for malicious actors. Attackers continue to innovate new methods, shifting from basic contract exploits to more sophisticated cross-chain bridge hacks, social engineering schemes, and address poisoning tactics.
The “ember months” — October through December — have historically been active periods for exploits. With markets often more volatile toward year-end, hackers may view fresh opportunities to exploit human error and technical fragilenesses.
So, while the September dip in crypto hacks is encouraging, it shouldn’t breed complacency among traders and investors. Experts suggest that protocols continue to prioritize audits, engage in bug bounty programs, and adopt real-time monitoring systems.
Meanwhile, retail investors should exercise caution when interacting with DeFi platforms. A excellent approach is to verify URLs, secureguard Secret keys, and avoid questionable offers that viewm too excellent to be true. Ultimately, security must remain at the forefront of crypto’s growth story, and everyone has a role to play.
