Crypto Hack Losses Fall 37% in Third Quarter of 2025

Despite this drop, September still set a new record for million-dollar ￰0￱ data showed a steep decline in code exploit losses, while hackers shifted toward mid-sized attacks targeting centralized exchanges and DeFi ￰1￱ ecosystems like Hyperliquid also faced exploits, and North Korean cyber units were still the biggest ￰2￱ Steal Less in Q3 Losses from crypto hacks and exploits fell sharply in the third quarter of 2025, despite September being a record month for million-dollar ￰3￱ to data from blockchain security firm CertiK that was shared in a recent interview , total losses dropped from $803 million in Q2 to $509 million in ￰4￱ was a decline of nearly 37%.

Compared to Q1, when hackers stole almost $1.7 billion, losses fell by more than 70%. Incidents and the amount lost () CertiK reported that code vulnerability-related losses plummeted from $272 million in Q2 to just $78 million in Q3, while phishing-related theft also declined despite a similar number of ￰5￱ pointed out that no single hack in the quarter reached the $100 million mark, which means that attackers instead focused on mid-sized ￰6￱ stood out as the most active month for high-value theft, and recorded 16 hacks that each surpassed $1 ￰7￱ set a new monthly record, topping the previous high of 14 in March of ￰8￱ with this surge, the year-to-date average sits at about six million-dollar hacks per month, down from over eight per month in both 2023 and ￰9￱ exchanges were the biggest targets in Q3, and accounted for $182 million in stolen ￰10￱ also increasingly relied on phishing and social engineering tactics to compromise multisignature and hot wallets, according to security firm ￰11￱ projects were also hit, and lost $86 million in the quarter, including a $40 million exploit of the GMX v1 decentralized ￰12￱ case ended with the hacker returning the funds after receiving a $5 million ￰13￱ ecosystems also came under fire, with Hyperliquid suffering incidents like the HyperVault exploit and HyperDrive rug pull late in the ￰14￱ warned users to exercise extreme caution when engaging with newer and emerging ￰15￱ CEO Yevheniia Broshevan said North Korean cyber units are still the biggest threat, as they are responsible for around half of all the funds that were stolen in ￰16￱ added that their methods are becoming more sophisticated, and are evolving from basic phishing to layered operational ￰17￱ the quarter saw a rise in million-dollar hacks, the overall decline in losses and a drop in code-based exploits suggest that the fight to harden protocols and codebases may actually be working.