February was unusually calm for crypto thieves. Blockchain security firm PeckShield reports just $26.5 million in hack- and scam-related losses last month — the smallest monthly total in 11 months.
That number stands in sharp contrast to early 2025, when a single breach at exchange Bybit wiped about $1.5 billion. In February there were 15 recorded incidents, but two attacks dominated the damage. On February 21, attackers manipulated token prices to drain roughly $10 million from YieldBlox, a DAO-run lending pool. That same day a private-key exploit on decentralized identity platform IoTeX cost about $9 million. Those two events together accounted for more than 70% of the month’s total losses.
February’s $26.5 million is about a 69% fall from January’s $86 million, and PeckShield notes the lack of a single, headline-making breach as one reason totals look smaller. Market conditions probably helped too: Bitcoin dipped below $70,000 in early February, triggering a correction that shifted attention toward managing positions and liquidity rather than hunting for exploitable protocols. In volatile markets, traders and institutions tend to focus on risk and preservation, which can suppress opportunistic exploit activity.
Security improvements also appear to be making an impact. Analysts point to tighter risk controls, more rigorous counterparty vetting, and expanded real-time monitoring across major platforms. Artificial intelligence is increasingly used for automated code review, anomaly detection, and pre-deployment attack simulations, catching vulnerabilities earlier and shrinking the windows attackers can exploit. If defenses continue to keep pace with innovation, analysts say losses could keep trending down.
But many threats remain. Phishing — where criminals impersonate trusted contacts or services to steal credentials and private keys — is persistent. Wallet-draining phishing losses fell from $494 million to $83 million in 2025, yet attackers have shifted focus from breaching code to targeting people, since tricking users can be easier than breaking well-audited smart contracts. PeckShield urges institutions and large holders to use multi-signature cold storage and treat private-key security as non-negotiable. For individual users, best practices like hardware wallets, strong phishing hygiene, and unique credentials remain critical.
A quieter month is welcome, but it is not a sign that the threat has disappeared. Continued vigilance and investment in security are needed to keep losses down as the ecosystem evolves.