Q3 2025 Crypto Hack Report: Wallet Attacks Surge Despite Overall Loss Decline

Crypto security is sending mixed signals. 

Overall losses fell sharply in Q3 2025, dropping nearly 37% to $509 million from $803 million in Q2. Compared to Q1’s nearly $1.7 billion stolen, this is a huge decline.

But September told a different story: the month saw a record number of million-dollar incidents, showing that while total losses are down, hackers are still finding big openings.

Hackers Shift Focus to Wallets

The pattern is clear. Attackers are moving away from smart contract exploits and going after wallet vulnerabilities and operational flaws. Code-related losses fell from $272 million in Q2 to just $78 million in Q3, signaling better protections. 

Still, September’s 16 hacks over $1 million – the highest ever in a single month – show that mid-sized attacks are rising.

“Exchanges, as well as DeFi projects, continue to be lucrative targets for attackers, particularly for state-sponsored groups,” a According to a CertiK spokesperson. 

Hacken added that centralized exchanges remain the easiest entry points, often targeted through phishing and social engineering to hit multisig and hot wallets.

Exchanges, DeFi, and RWA Projects in Trouble

Centralized exchanges lost the most in Q3 – $182 million – followed by DeFi projects at $86 million. One notable hack was the GMX v1 DEX, which lost $40 million. The hacker returned the funds after a $5 million bounty, but the incident underscores ongoing risks in DeFi.

Emerging chains like Hyperliquid also faced trouble, with incidents including the HyperVault exploit and HyperDrive rug pull. RWA (real-world asset) projects aren’t immune either: $14.6 million was lost in the first half of 2025 alone. 

Bridging on-chain and off-chain assets creates more points for hackers, even as these projects promise transparency and security.

• Also Read :
•   BNB Chain’s Official X Account Hacked, CZ Confirms Breach! Users Warned to Stay Alert
•   ,

Security Isn’t Optional

Hacken CEO Yevheniia Broshevan pointed out that North Korea-linked hackers were behind about half of Q3’s stolen funds. 

She warned: “This is a wake-up call. Centralized platforms and users exploring emerging chains like Hyperliquid must double down on operational security and due diligence, or they will continue to be the easiest entry points for attackers.”

Practical steps are clear:

• Multi-Factor Authentication (MFA): Strengthen access controls.
• Regular Security Audits: Identify and fix vulnerabilities.
• User Education: Train users on phishing and safe crypto practices.
• Cold Storage Solutions: Keep large holdings offline to prevent theft.

Looking Ahead

Q3’s decline in overall losses is encouraging, but the rise in million-dollar hacks and wallet-focused attacks shows threats are evolving.

Cryptojacking and operational compromises are on the rise. Exchanges, DeFi platforms, and RWA projects must stay proactive, investing in multi-layered security, continuous audits, and user awareness to protect assets and maintain trust.

The battle for crypto security is far from over and staying vigilant is the only way to stay ahead.

Never Miss a Beat in the Crypto World!

Stay ahead with breaking news, expert analysis, and real-time updates on the latest trends in Bitcoin, altcoins, DeFi, NFTs, and more.

Subscribe to News

FAQs