Cryptocurrency Security Setbacks in September 2025
In September 2025, the realm of cryptocurrency endured significant security setbacks, as hacks resulted in losses totaling $127.06 million, as reported by the blockchain security firm PeckShield. While this figure reflects a 22% reduction compared to the previous month’s staggering losses of $163 million, the crypto sector still faced nearly 20 major security breaches.
Major Incidents and Vulnerabilities
PeckShield conveyed concerns through a post on platform X, emphasizing the persistent vulnerability of decentralized finance (DeFi) and blockchain platforms to large-scale attacks. Although the decline in monthly losses offers a glimmer of hope, the overall stats indicate that cyber threats continue to be a daunting obstacle for the industry. Notably, the losses in September were largely due to a couple of major incidents, with UXLINK and SwissBorg being responsible for roughly 66% of the total financial damage.
The most devastating incident involved UXLINK, a blockchain-based social networking platform, which suffered a monumental breach, leading to losses of $44.14 million. In this attack, hackers manipulated its multisig wallet to mint almost 10 trillion unauthorized tokens, resulting in a dramatic over 90% drop in UXLINK’s token value.
The hacker sought to transfer the stolen assets to exchanges; however, UXLINK promptly reported that many funds were frozen with the help of exchanges and law enforcement authorities. According to PeckShield and Hacken, the hacker continued to mint tokens, ultimately exchanging approximately 9.95 trillion of them for a mere 16 ETH, worth around $67,000. In a proactive response, UXLINK called on exchanges to halt trading of their tokens, proposed a token swap initiative, and humorously noted that the attacker had lost 500 billion tokens in a phishing scam during the theft.
SwissBorg, renowned for its wealth management services in the crypto domain, was not spared either, suffering a breach that cost the company $41.5 million in Solana. This incident occurred after hackers exploited vulnerabilities in the partner API provider Kiln, siphoning approximately 192,600 SOL from SwissBorg’s Earn program. Despite the impact being limited to less than 1% of its user base, SwissBorg vowed to use treasury assets to ensure users are reimbursed, recruited white-hat hackers to assist with the recovery, and assured that their operations remained unaffected.
Other Notable Hacks and Trends
In addition to these key breaches, a phishing attack targeting a Venus user resulted in the theft of $13.5 million. Fortunately, PeckShield reported that about $13 million of the stolen funds had been retrieved, marking a rare success in recovering stolen crypto assets. Other notable hacks in September included Yala, which experienced a $7.64 million loss, and GriffAI, which was hit for $3 million. Smaller exploits also afflicted various platforms, including Nono, Shibarium Bridge, Basset, New Gold Protocol, and SolidifyFund, with losses ranging from $1 million to $2.4 million.
PeckShield further detailed that significant amounts of stolen Ethereum had been traced, revealing movements of hundreds of ETH across wallets, with single transactions ranging between 443 ETH to 800 ETH. The ultimate destination of these assets remains unclear, raising concerns about whether they were routed through mixers or laundering services.
Looking Ahead: The State of Cryptocurrency Security
Overall, the trend of high-value thefts continued into September 2025, keeping the year on course for potentially unprecedented losses. The losses in September fell below August’s total but surpassed July’s $142 million, highlighting the absence of a definitive downward trend in hacking activities. Analysts have noted alarming statistics for the first half of 2025, estimating a colossal $2.17 billion taken as outlined by Chainalysis, while CertiK’s assessments placed the losses even higher at $2.47 billion, considerably influenced by the massive Bybit hack in February, which alone was responsible for around $1.5 billion in stolen funds.
When comparing these figures with historical data, it becomes evident that the scale of the issue is daunting; the mid-year totals for 2025 have already exceeded the total stolen amount across all of 2024, estimated at $2.2 billion. These figures suggest that unless enhanced security measures are adopted industry-wide, 2025 risks becoming one of the most devastating years in cryptocurrency history regarding security breaches, potentially outstripping even the records seen during the peak of the DeFi security violations in 2022.
