What to Know:
- Crypto hack losses dropped by 37% in Q3, despite a record surge in million-dollar incidents.
- Exchanges and DeFi projects are still prime targets for attackers, with operational security being paramount.
- Industry-wide efforts to bolster codebases show promise, with a 71% drop in code exploit incidents.

In the constantly evolving crypto market, the third quarter of this year saw a significant decrease in losses due to crypto hacks, despite a record surge of million-dollar incidents.
According to data from blockchain security firm CertiK, losses from crypto hacks and exploits dipped nearly 37% in Q3, from about $803 million in Q2 to $509 million. The drop is steeper still against Q1, when losses amounted to nearly $1.7 billion: a decline of over 70%.
CertiK’s report reveals that losses from code vulnerabilities fell drastically from $272 million in Q2 to $78 million in Q3. Interestingly, despite a similar number of phishing incidents, losses from this type of attack also declined.
Despite the overall decline in losses, September marked a record high for the number of million-dollar-plus incidents. September witnessed 16 high-value hacks, setting a new monthly record. The previous record, set in March 2024, was 14 incidents.
The surge in September brought the YTD average for 2025 to nearly six security incidents of $1 million or more per month. This figure is still below the averages of over eight incidents in 2024 and 2023. No $100 million mega-hacks occurred this quarter; attackers appear to be focusing on mid-sized exploits.
CertiK’s data indicated that centralized exchanges suffered the most losses during the quarter, amounting to $182 million. A CertiK spokesperson stated, “Exchanges, as well as DeFi projects, continue to be lucrative targets for attackers, particularly for state-sponsored groups.” The complex nature of decentralized finance (DeFi) still attracts hackers.
Crypto security firm Hacken shared a similar analysis, naming centralized exchanges (CEXs) as the main targets in Q3. Hacken stated that CEXs were compromised through sophisticated phishing and social engineering tactics used to gain access to multisig and hot wallets.
DeFi projects came in second, with $86 million lost to hacks in Q3. One of the biggest exploits was the GMX v1 decentralized exchange (DEX) hack, which resulted in a loss of $40 million, but the funds were later returned after a $5 million bounty was offered.
Hacken’s CEO, Yevheniia Broshevan, warned that North Korea’s cyber units remain the largest threat to the crypto ecosystem, accounting for approximately half of the stolen funds during the quarter. Broshevan advised centralized platforms and users to exercise extra vigilance. She stated, “This is a wake-up call. Centralized platforms and users exploring emerging chains like Hyperliquid must double down on operational security and due diligence, or they will continue to be the easiest entry points for attackers.”
Despite the rise in million-dollar incidents, the 37% decrease in total losses and a corresponding 71% drop in code exploit incidents offer some optimism. The data suggests that industry-wide efforts to harden codebases may be paying off, which could lead to a safer environment for crypto investors and traders.


