Monthly losses from crypto hacks and scams dropped to their lowest level since March 2025, with $26.5 million stolen in February, according to blockchain security firm PeckShield.
Of the 15 incidents recorded during the month, two accounted for the bulk of the losses. The largest was a $10 million exploit of YieldBlox’s DAO-managed lending pool on Feb. 21, carried out through a price manipulation attack. The second-largest incident involved decentralized identity protocol IoTeX, which suffered roughly $8.9 million in losses the same day due to a private key compromise.
In total, February’s losses marked a 69.2% decline from January, when more than $86 million was stolen.
A PeckShield spokesperson said the absence of “mega-hacks” — such as the $1.5 billion breach of Bybit in February 2025 — kept last month’s figures relatively low, adding that market volatility contributed to a noticeable slowdown in exploit activity.
A PeckShield spokesperson said a sharp market correction in early February — when Bitcoin briefly fell below $70,000 — redirected the industry’s attention toward institutional deleveraging and quantitative-driven sell-offs. During periods of heightened volatility, the focus often shifts away from exploiting protocol vulnerabilities and toward managing liquidity and market risk, the spokesperson explained.
Meanwhile, Dominick John, an analyst at Kronos Research, told Cointelegraph that the decline in losses may also reflect stronger risk controls, stricter counterparty standards and improved real-time monitoring across major platforms.
“Capital is becoming more selective, rewarding protocols with mature security frameworks. Sustained downside will depend on whether security standards keep pace with innovation,” he said.
John added that losses could continue trending lower as audits, monitoring systems and institutional risk frameworks become more sophisticated. He noted that artificial intelligence may further accelerate this shift by enabling automated code reviews, anomaly detection and pre-deployment attack simulations to identify vulnerabilities earlier in the development cycle.
“Crypto security is leveling up,” John said. “Protocols are doubling down on audits, formal verification and real-time monitoring, while institutions are raising the bar on what they’re willing to fund.”
“AI-driven checks and automated vulnerability scans are catching issues earlier, though the fast-moving ecosystem keeps the game high-stakes.”
Phishing remains a persistent problem
Although losses from phishing have decreased — with wallet drainer-related attacks falling from $494 million to $83.85 million in 2025 — the threat has not disappeared, according to PeckShield.
A company spokesperson said phishing schemes, in which scammers impersonate trusted individuals or organizations to steal sensitive information, continue to pose a significant risk.
“Phishing remains the most persistent threat,” the spokesperson said. “Instead of trying to hack the contract, bad actors are increasingly focused on hacking the human.”
“It is critical for both institutions and whales to adopt multi-sig cold storage solutions and strictly guard their wallets and private keys.”
