August 2025: $163M Ripped Out Of Crypto In One Month, Brutal Records

Crypto’s headline this August is simple and ugly: 16 major exploits, $163 million stolen. That’s a 15% rise from July’s $142M, per PeckShieldAlert.

The attacks hit wallets, exchanges, and DeFi contracts. The message is blunt: security still loses.

Top five hits, quick list

1. $BTC Holder, $91.4M

2. Btcturk, $54M

3. ODIN•FUN, $7M

4. BetterBank.io, $5M

5. CrediX Finance, $4.5M

That’s the leaderboard for August. PeckShield lays it out.

#PeckShieldAlert In August 2025, ~16 major crypto exploits were recorded, resulting in total losses of $163M—a 15% increase from July’s $142M.

Notably, @btcturk suffered its second major breach in just over a year, losing over $50M after a $54M hack in June 2024., bringing their… pic.twitter.com/JWiWNEDdZW

— PeckShieldAlert (@PeckShieldAlert) September 1, 2025

$91.4M, Phishing on steroids

This was a personal account. A whale. The attack reads like classic social engineering turned industrial scale.

Hackers posed as exchange support. They also pretended to be hardware-wallet support. They asked for the seed. The victim gave it. The attackers moved coins. They laundered through Wasabi Wallet to blur the trail.

Short lesson: no legitimate support team ever asks for your seed phrase. Ever. Keep it offline. Keep it private.

For quick context on BTC price and size of the prize: Bitcoin remains the market’s biggest asset, see CoinMarketCap snapshot for real-time numbers.

Btcturk, hot-wallet collapse, again

Btcturk got hit hard. This is their second large breach in just over a year. The August incident cost roughly $48–$54M depending on on-chain tracing and reporting. That stacks with their June 2024 loss of about $54M. Together, the hits push Btcturk’s cumulative losses north of $100M. Vartcall called it a textbook example of centralized custody risk.

What happened? Attackers breached internal infra. They grabbed keys. They drained hot wallets. Withdrawals paused. Cold storage reportedly remained untouched, but user confidence took a hit.

Exploited hot-wallet contract (on-chain):

• 0xde2faca4bbc0aca08ff04d387c39b6f6325bf82a

Example drain transaction:

• 0xb191ec12f7e579b29840429940ca9a5049cc5cdf6c6904e607992323e6276931

Short lesson: centralized custody = single point of failure. If you don’t hold the keys, you don’t own the coins.

🧵 August 2025 was brutal for Web3.

16 exploits – $163M lost (+15% vs July).

Here’s what happened & the lessons devs must learn pic.twitter.com/bBN8lvbaPq

— vartcall (@vartcall) September 1, 2025

ODIN•FUN, reentrancy-style drain ($7M)

ODIN•FUN lost $7M to a contract bug that behaved like a reentrancy attack. The contract missed critical withdrawal restrictions. Attackers called withdraw, then called it again before balances updated. Repeated withdrawals drained funds.

Two ICP principal IDs tied to the exploit (Internet Computer addresses):

• urguz-m32zo-jlld6-pyy4l-z3c24-jv4pt-5fmll-gq2xd-6siiz-oxkao-xae
• jeypm-z6t4p-uqshx-dtay4-qgw5d-ca7j5-alviu-fch2d-nmsnc-c4k3k-aae

Short lesson: audit your contracts. Use OpenZeppelin libraries. Follow the Checks–Effects–Interactions pattern. Tests catch what eyeballs miss.

BetterBank.io, oracle manipulation ($5M)

BetterBank fell to a classic oracle manipulation play. The attacker pumped an illiquid token’s price, borrowed heavily against it, then let the price collapse. The protocol’s lending checks failed to catch the artificial spike.

Lesson: secure price feeds. Use decentralized, tamper-resistant oracles (Chainlink or equivalent). Add limits and oracle sanity checks to reject flash-price anomalies.

CrediX Finance, flash loan + broken economics ($4.5M)

CrediX lost about $4.5M when flash loans met weak collateral checks. The protocol didn’t account for extreme, fast price swings. Attackers used instant liquidity to manipulate variables and exploit the contract’s flawed assumptions.

Lesson: stress-test your economic model. Model flash loan scenarios. Assume worst-case price moves. Smart contracts aren’t safe by default.

What the patterns tell us

Across these incidents there are recurring threads:

1. Social engineering works. It’s cheap and effective. Training and protocols are non-negotiable.
2. Hot wallets remain prime targets. Centralized custody concentrates risk.
3. Contract logic fails. One missing check can enable a multi-million-dollar drain.
4. Oracles and economic models are fragile. Flash loans and illiquid pairs are a hazard.

Fix the basics and you cut the attack surface. Audits matter. Red teams matter. Multi-sig, hardware security modules, and time-locked withdrawals reduce blast radius.

Quick CoinMarketCap snapshot (context)

Bitcoin (BTC), rank 1, market cap and trading numbers vary minute-to-minute; use CoinMarketCap for live snapshot and historical charts.

Final Take, Harsh But Fair

August’s $163M is not just a number. It’s a pattern. The industry repeats avoidable mistakes. Some losses come from innovation risk. Many come from sloppy basics.

If you’re building: assume attackers will probe your edge cases. If you run an exchange: treat keys like crown jewels. If you hold coins: use self-custody for meaningful sums and multi-sig for shared custody.

Read the original thread for the breakdown and follow-ups: PeckShieldAlert’s post contains the monthly tally and the top incidents. Also check the on-chain traces and reporting on Btcturk for transaction-level details.

Disclosure: This is not trading or investment advice. Always do your research before buying any cryptocurrency or investing in any services.

Follow us on Twitter @nulltxnews to stay updated with the latest Crypto, NFT, AI, Cybersecurity, Distributed Computing, and Metaverse news!