Blockchain security firm PeckShield reported that crypto hacks and scams caused $26.5 million in losses in February — the lowest monthly total since March 2025. Of 15 incidents recorded last month, two accounted for most of the damage: a roughly $10 million theft from YieldBlox’s DAO-run lending pool via a price-manipulation attack on Feb. 21, and an about $8.9 million loss at decentralized identity protocol IoTeX from a private-key exploit the same day. February’s total was down 69.2% from January, which saw just over $86 million in losses.
PeckShield said that “mega-hacks,” such as the $1.5 billion Bybit breach in February 2025, did not skew February’s numbers, and suggested that market turbulence helped cool exploit activity. According to a firm spokesperson, a sharp correction in early February — including Bitcoin briefly dipping below $70,000 — shifted industry attention toward institutional deleveraging and liquidity-driven sell-offs. During such high-volatility stretches, attackers often move away from protocol exploits and exploit strategies focused on market conditions instead.
Improved security practices may also be contributing. Kronos Research analyst Dominick John said the decline could reflect tighter risk controls, higher counterparty standards and better real-time monitoring at major venues. He noted that capital is becoming more selective and rewarding protocols with mature security frameworks, while warning that continued reductions in losses will depend on security keeping pace with innovation. John expects losses to fall further as audits, monitoring and institutional risk frameworks strengthen, and said artificial intelligence could speed that process through automated code review, anomaly detection and pre-deployment attack simulations that catch vulnerabilities earlier.
Still, phishing and social-engineering attacks remain a persistent threat. PeckShield highlighted that, while phishing-related losses have eased — wallet-drainer attacks dropped sharply in 2025 from $494 million to $83.85 million — bad actors continue to target users directly rather than attempting to break contracts. The firm recommends multi-signature cold storage and strict key-custody practices for institutions and high-value holders to mitigate those risks.
This article follows Cointelegraph’s Editorial Policy. Readers are encouraged to verify information independently; the policy is available at https://cointelegraph.com/editorial-policy.