The crypto industry experienced a loss of $155.9 million to exploits in the month of September. There were 14 major scam accidents, excluding phishing—the highest since March of this year.
According to a post on X by CertiK, the total capital lost to scams decreased from the $163 million figure recorded in August 2025. But the number of major incidents and the scale of attacks have intensified.
#CertiKStatsAlert 🚨
— CertiK Alert (@CertiKAlert) September 30, 2025
Combining all the incidents in September we’ve confirmed ~$155.9M lost to exploits.
~$26.4M of the total is attributed to phishing.
September saw 14 incidents (excluding phishing) with initial losses of over $1M, the highest since March 2024.
More details… pic.twitter.com/e0mEd6tDcn
The month saw more than $100 million lost to wallet compromise, followed by phishing attacks which amounted to a little over $26 million. Other attacks included code vulnerabilities, exit scams, and market manipulation. The most notable attack was on UXLINK, in which more than $45.5 million was lost to a phishing attack. The attack led to UXLINK’s price dropping by 99.99 % in a single day to $0.0000009065.
The other infamous attack was on SwissBorg, a Switzerland‑based crypto wealth management platform. Hackers stole over $40 million in Solana after exploiting a vulnerability in its staking partner Kiln’s API. The attack drained around 193,000 SOL tokens, worth $41 million, from the firm.
Until August of this year, there was a month‑on‑month increase in the number of crypto attacks and the capital lost to them. The month of September experienced a slightly less number of attacks, but crypto experts are cautioning users to stay vigilant and invest only after conducting a thorough analysis.