Q3 2025 crypto hack losses fell 37%, but September saw a record surge in million-dollar incidents.
Hackers are shifting from smart contract exploits to wallet and operational attacks on exchanges, DeFi, and RWA projects.
Experts urge stronger security measures, including MFA, audits, cold wallets, and user education, to counter evolving threats.
Crypto security is sending mixed signals.
Overall losses fell sharply in Q3 2025, dropping nearly 37% to $509 million from $803 million in Q2. Compared to Q1’s nearly $1.7 billion stolen, this is a huge decline.
But September told a different story: the month saw a record number of million-dollar incidents, showing that while total losses are down, hackers are still finding big openings.
Hackers Shift Focus to Wallets
The pattern is clear. Attackers are moving away from smart contract exploits and going after wallet vulnerabilities and operational flaws. Code-related losses fell from $272 million in Q2 to just $78 million in Q3, signaling better protections.
Still, September’s 16 hacks over $1 million – the highest ever in a single month – show that mid-sized attacks are rising.
“Exchanges, as well as DeFi projects, continue to be lucrative targets for attackers, particularly for state-sponsored groups,” a According to a CertiK spokesperson.
Hacken added that centralized exchanges remain the easiest entry points, often targeted through phishing and social engineering to hit multisig and hot wallets.
Exchanges, DeFi, and RWA Projects in Trouble
Centralized exchanges lost the most in Q3 – $182 million – followed by DeFi projects at $86 million. One notable hack was the GMX v1 DEX, which lost $40 million. The hacker returned the funds after a $5 million bounty, but the incident underscores ongoing risks in DeFi.
Emerging chains like Hyperliquid also faced trouble, with incidents including the HyperVault exploit and HyperDrive rug pull. RWA (real-world asset) projects aren’t immune either: $14.6 million was lost in the first half of 2025 alone.
Bridging on-chain and off-chain assets creates more points for hackers, even as these projects promise transparency and security.
Security Isn’t Optional
Hacken CEO Yevheniia Broshevan pointed out that North Korea-linked hackers were behind about half of Q3’s stolen funds.
She warned: “This is a wake-up call. Centralized platforms and users exploring emerging chains like Hyperliquid must double down on operational security and due diligence, or they will continue to be the easiest entry points for attackers.”
Practical steps are clear:
- Multi-Factor Authentication (MFA): Strengthen access controls.
- Regular Security Audits: Identify and fix vulnerabilities.
- User Education: Train users on phishing and safe crypto practices.
- Cold Storage Solutions: Keep large holdings offline to prevent theft.
Looking Ahead
Q3’s decline in overall losses is encouraging, but the rise in million-dollar hacks and wallet-focused attacks shows threats are evolving.
Cryptojacking and operational compromises are on the rise. Exchanges, DeFi platforms, and RWA projects must stay proactive, investing in multi-layered security, continuous audits, and user awareness to protect assets and maintain trust.
The battle for crypto security is far from over and staying vigilant is the only way to stay ahead.
Never Miss a Beat in the Crypto World!
Stay ahead with breaking news, expert analysis, and real-time updates on the latest trends in Bitcoin, altcoins, DeFi, NFTs, and more.
FAQs
Q3 2025 saw numerous crypto hacks, with September recording a record 16 million-dollar incidents amid wallet and operational breaches.
Ethereum and its DeFi ecosystems, including legacy protocols like GMX v1, face the most hacks due to smart contract flaws and high asset volumes.
Governments indict state-sponsored hackers like North Koreans behind major heists, impose Treasury sanctions, and pass laws like the GENIUS Act for stablecoin oversight and anti-money laundering.
Trust with CoinPedia:
CoinPedia has been delivering accurate and timely cryptocurrency and blockchain updates since 2017. All content is created by our expert panel of analysts and journalists, following strict Editorial Guidelines based on E-E-A-T (Experience, Expertise, Authoritativeness, Trustworthiness). Every article is fact-checked against reputable sources to ensure accuracy, transparency, and reliability. Our review policy guarantees unbiased evaluations when recommending exchanges, platforms, or tools. We strive to provide timely updates about everything crypto & blockchain, right from startups to industry majors.
Investment Disclaimer:
All opinions and insights shared represent the author's own views on current market conditions. Please do your own research before making investment decisions. Neither the writer nor the publication assumes responsibility for your financial choices.
Sponsored and Advertisements:
Sponsored content and affiliate links may appear on our site. Advertisements are marked clearly, and our editorial content remains entirely independent from our ad partners.