February was unusually quiet for crypto thieves. After months of big losses, blockchain security firm PeckShield says the industry saw just $26.5 million in hack- and scam-related damage last month — the smallest monthly total in 11 months.
That figure is a stark contrast with early 2025, when a single breach wiped about $1.5 billion from exchange Bybit. In February, out of 15 recorded incidents, two attacks accounted for most of the damage. On Feb. 21, attackers manipulated token prices to drain $10 million from YieldBlox, a DAO-managed lending pool. That same day a private-key exploit on decentralized identity platform IoTeX led to roughly $9 million in losses. Together those two events made up more than 70% of the month’s total.
Compared with January, February’s $26.5 million represents about a 69% drop from the $86 million in losses recorded the prior month. PeckShield noted the absence of any single, headline-grabbing breach as part of the reason totals look smaller. Market conditions likely helped too: Bitcoin fell below $70,000 in early February, triggering a market correction that shifted attention toward managing positions and liquidity rather than exploiting protocols. During such turbulent stretches, traders and institutions focus on losses and risk, which can suppress exploit activity.
Improvements in security practices also appear to be having an effect. Analysts point to tighter risk controls, stronger counterparty vetting, and enhanced real-time monitoring across major platforms. Artificial intelligence is increasingly used for automated code checks, anomaly detection, and pre-deployment attack simulations, catching vulnerabilities earlier and reducing opportunities for attackers. If security measures keep pace with innovation, analysts say losses could continue to decline.
But not all threats are fading. Phishing — where criminals impersonate trusted contacts or services to steal credentials and private keys — remains a persistent problem. Wallet-draining phishing losses fell from $494 million to $83 million in 2025, yet attackers are shifting focus from attacking code to targeting people, since tricking users can be easier than breaching well-audited smart contracts. PeckShield urges institutions and large holders to use multi-signature cold storage and treat private key security as non-negotiable.
Featured image from Unsplash, chart from TradingView
