Crypto-related hacks declined sharply in February, but attackers are increasingly targeting users through phishing campaigns and malicious attacks. portfolio approvals – a shift suggesting they are focusing more on exploiting human behavior than smart contract vulnerabilities.
According to the Nominis monthly reportAround $49 million was lost to crypto-related exploits in February.
Only one violation involving Step Financea portfolio dashboard and analytics platform built on the Solana blockchain, accounted for the bulk of the losses, with attackers draining around $30 million.
The February figure marks a sharp drop from the $385 million stolen in January. While one month of data does not necessarily indicate a sustained trend, this decline suggests that large-scale protocol exploits were less prevalent during this period.
Social engineering attacks caused more cumulative damage than traditional smart contract exploits, Nominis said, with phishing campaigns increasing sharply during the month. These attacks typically trick users into interacting with malicious links or signing fraudulent transactions.
Individuals have been the most common victims, rather than centralized exchanges or decentralized financial protocols.
The most common attack method was permission abuse, in which victims unknowingly granted wallet permissions allowing attackers to move funds from their accounts.
The figures broadly match separate reports from blockchain security firm PeckShield, which estimated that February crypto exploits totaled $26.5 millionthe lowest monthly losses since March 2025. PeckShield attributed the decline in part to tighter risk controls and improved security practices across the industry.
Related: South Korea sells $21.5 million worth of Bitcoin recovered after custody breach
Crypto security improving, but major exploits persist
Hacks and scams have been a persistent feature of the cryptocurrency industry since its beginnings, although exchanges and security firms say defenses are gradually improving.
Crypto exchange Bybit recently reported that its fraud prevention system was blocked more than $300 million in unauthorized withdrawals during the last quarter of last year. The company said it flagged around 350 high-risk fraudulent addresses and prevented around 8,000 users from falling victim to potential scams.
Despite improvements in detection systems, large-scale attacks remain a major risk for the industry. According to ChainalysisCrypto hacks led to cumulative losses of $3.4 billion last year, highlighting the scale of the threat.
Related: Google discovers iOS exploit kit used in crypto-phishing attacks
