The crypto industry just endured another painful month. According to a new report from PeckShield, hackers and scammers drained more than $127 million from the market in September 2025, underscoring the stubborn security risks facing Web3 and DeFi.
The Numbers Behind the Losses
PeckShield tracked about 20 major security incidents during the month, ranging from smart-contract exploits and protocol drains to targeted phishing attacks.
- Total losses: $127.1 million
- Down from August’s $163 million (-22%)
- Still among the most damaging months of the year
While the overall figure was lower than August’s, the scale of the top hacks shows that the threat remains widespread.
The Biggest Hits: UXLINK and SwissBorg
Two incidents made up the bulk of September’s losses:
- UXLINK hack ($44M): On September 22, attackers exploited a weakness in UXLINK’s multi-signature wallet. By minting billions of unauthorized tokens, they crashed the token’s value before converting assets into Ethereum and other coins.
- SwissBorg breach ($41.5M): Hackers manipulated an API connection tied to SwissBorg’s Solana Earn program via staking provider Kiln. Roughly 192,600 SOL tokens were drained.
Together, these two hacks alone accounted for nearly two-thirds of September’s total stolen funds.
Other Notable Incidents
Phishing and smaller-scale protocol drains continued to plague the market:
- Venus Protocol lost $13.5M to phishing (some funds later recovered).
- Yala was drained of $7.6M.
- GriffAI suffered $3M in losses, showing how experimental AI-integrated projects are also becoming targets.
These cases highlight the range of vulnerabilities across DeFi and cross-chain protocols.
A Troubled 2025 for Crypto Security
September’s setbacks come during an already brutal year for Web3 security. Some of 2025’s worst incidents include:
- Bybit exploit (Feb): A staggering $1.46 billion loss, one of the largest in crypto history.
- Infini Protocol hack (Feb): $50M stolen in a single transaction.
- Nobitex breach (July): $90M drained from Iran’s largest exchange in what was widely described as a politically motivated attack.
Taken together, these episodes confirm that security vulnerabilities remain pervasive whether in major exchanges, DeFi platforms, or new experimental projects.
The Takeaway
While September’s total losses were lower than August’s, the scale of the UXLINK and SwissBorg hacks reinforces an uncomfortable truth: crypto remains a prime target for sophisticated attacks.
As the industry pushes forward with innovation, the need for robust security frameworks, smarter auditing, and user awareness has never been greater.
Bottom line: $127 million gone in just one month is another reminder that in crypto, growth and risk still go hand in hand.
