Crypto hacks and scams resulted in $26.5 million in losses in February, the lowest monthly total since March 2025, according to blockchain security firm PeckShield.
Out of 15 instances in February, only two accounted for most of the month’s losses, with the largest being the $10 million theft from YieldBlox’s DAO-managed lending pool via a price manipulation attack on Feb. 21, PeckShield reported in an X post on Sunday.
The second-largest exploit targeted the decentralized identity protocol IoTeX, which lost about $8.9 million to a private key exploit on Feb. 21. Overall, February’s total represents a 69.2% month-on-month decrease from January, which recorded just over $86 million in losses.
A PeckShield spokesperson told Cointelegraph that “mega-hacks,” such as the $1.5 billion Bybit hack in February 2025, didn’t inflate last month’s statistics, and market volatility led to a significant cooling period in exploit activity.
“A sharp market correction in early February, with Bitcoin dipping below $70,000, shifted the industry’s focus toward institutional deleveraging and math-based sell-offs. During such high-volatility periods, the tactical focus often moves away from protocol exploits toward navigating market liquidity,” the spokesperson added.
Security improvements could be a factor
Kronos Research analyst Dominick John told Cointelegraph that the decline could also reflect tighter risk controls, stronger counterparty standards and improved real-time monitoring across major venues.
“Capital is becoming more selective, rewarding protocols with mature security frameworks. Sustained downside will depend on whether security standards keep pace with innovation,” he said.
John said losses could continue to decline through the year as audits, monitoring, and institutional risk frameworks mature.
Artificial intelligence might also accelerate the shift, powering automated code reviews, anomaly detection, and pre-deployment attack simulations to catch vulnerabilities earlier in the lifecycle, he added.
“Crypto security is leveling up. Protocols are doubling down on audits, formal verification, and real-time monitoring, while institutions are raising the bar on what they’ll fund,” John said.
“AI-driven checks and automated vulnerability scans are catching issues earlier, though the fast-moving ecosystem keeps the game high-stakes.”
Phishing remains a persistent problem
Losses from phishing have declined, with attacks tied to wallet drainers dropping sharply in 2025, from $494 million to $83.85 million.
The PeckShield spokesperson said that the attacks, where a scammer poses as a trusted person or organization to steal sensitive information, remain a lingering issue.
Related: Traveling? ‘Evil Twin’ WiFi networks can steal crypto passwords
“Phishing remains the most persistent threat. Instead of trying to hack the contract, bad actors are increasingly focused on hacking the human,” they added.
“It is critical for both institutions and whales to adopt multi-sig cold storage solutions and strictly guard their wallets and private keys.”
Context
Current positioning around Security & Hacks remains sensitive to primary-source updates, policy interpretation, and execution risk across major venues.
What To Watch
Focus on incident-response updates, wallet flow tracking, and whether recovery or mitigation actions are independently verified.
Follow-up coverage should prioritize confirmed technical details, affected systems, and user-protection timelines rather than speculative loss estimates.
Related: More from Security & Hacks | DOJ Haul Reveals Cryptocurrency Fraud Hotspots in Crypto Security | U.S. Arrests Goliath Ventures Exec in $328M Cryptocurrency Fraud in Crypto Security
