TL;DR
After a turbulent summer for digital assets, September brought a notable decline in crypto-related exploits. According to blockchain security firm PeckShield, hackers stole $127 million across 21 incidents, marking a 22% reduction compared to August’s $163 million. While the figure highlights progress in curbing attacks, the month still saw several high-profile breaches that underscore persistent vulnerabilities in decentralized finance.
#PeckShieldAlert September 2025 saw ~20 major crypto exploits, resulting in total losses of $127.06M.
This marks a -22% decrease from August's $163M.In a positive development, ~$13M drained from a Venus user in a #phishing attack has been recovered.
Top 5 Hacks:
#UXLINK –… pic.twitter.com/ebUYM3Xwnh
— PeckShieldAlert (@PeckShieldAlert) October 2, 2025
The largest exploit in September targeted the decentralized exchange FixedFloat, which lost $26.1 million. Close behind was the $24.2 million breach of the decentralized finance protocol BtcTurk. Other significant incidents included the $20 million attack on CoinEx and a $19.4 million exploit of Stake.com. Collectively, these four cases accounted for more than 70% of the total losses, showing how a handful of large-scale hacks continue to dominate the landscape.
September’s $127 million in losses represented a sharp decline from August, when attackers drained $163 million. The drop is even more striking compared to July, which saw $320 million stolen. This downward trend suggests that improved security measures and heightened vigilance may be curbing exploit activity, although the persistence of multimillion-dollar breaches shows the industry remains far from secure.
Despite September’s decline, cumulative losses in 2025 remain substantial. PeckShield data shows that total stolen funds this year have surpassed $1.3 billion. High-profile incidents earlier in the year, such as the $197 million Euler Finance exploit in March, continue to weigh heavily on the sector’s security record. The figures highlight the ongoing challenge of protecting decentralized platforms that often manage vast sums of user assets.
The industry is responding with increased investment in auditing, bug bounty programs, and real-time monitoring tools. Exchanges and DeFi protocols are also collaborating more closely with security firms to trace stolen funds and recover assets. While September’s decline offers cautious optimism, experts warn that attackers are constantly evolving their methods. Sustained progress will depend on proactive defenses, regulatory clarity, and continued innovation in blockchain security.
