February Crypto Losses Drop to $49M as Scammers Pivot to Phishing Techniques
Digital asset theft experienced a dramatic decline last month following January's surge, though cybersecurity experts caution that fraudsters are shifting focus toward wallet permission exploitation and social manipulation strategies.
February witnessed a significant drop in cryptocurrency-related hacking incidents, yet malicious actors are progressively directing their efforts toward users via phishing operations and deceptive wallet authorization requests — a transformation that indicates they are now concentrating more heavily on manipulating human psychology rather than exploiting weaknesses in blockchain smart contracts.
Data from Nominis' monthly security analysis reveals that approximately $49 million was siphoned through crypto-related breaches throughout February.
The majority of these losses stemmed from a solitary incident targeting Step Finance, which operates as a portfolio management dashboard and analytics service on the Solana blockchain network, with malicious actors successfully extracting around $30 million.
This February total represents a dramatic reduction compared to the $385 million that was stolen during January. Although a single month's worth of information doesn't necessarily establish a long-term pattern, the decrease implies that widespread protocol vulnerabilities were exploited less frequently throughout this timeframe.
According to Nominis, attacks leveraging social engineering techniques resulted in greater overall losses than conventional smart contract exploits, with phishing operations experiencing a notable surge throughout the month. Such attacks commonly deceive users into engaging with harmful links or authorizing illegitimate transactions.
Individual users emerged as the primary targets, as opposed to centralized cryptocurrency exchanges or decentralized finance platforms.
Authorization abuse represented the most frequently observed attack vector, where victims inadvertently approved wallet permissions that enabled attackers to transfer digital assets from their accounts.
These statistics correspond closely with independent data from blockchain security firm PeckShield, which calculated that crypto exploits during February reached $26.5 million, representing the lowest monthly theft figures since March 2025. PeckShield credited the reduction in part to enhanced risk management protocols and upgraded security measures implemented throughout the sector.
Crypto security improving, but major exploits persist
Hacking incidents and fraudulent schemes have remained a constant challenge within the cryptocurrency sector from its inception, although trading platforms and security organizations report that protective measures are steadily advancing.
Cryptocurrency exchange platform Bybit disclosed recently that its anti-fraud infrastructure successfully prevented over $300 million in illicit withdrawal attempts throughout the fourth quarter of last year. The platform indicated it identified approximately 350 high-risk fraudulent addresses and protected roughly 8,000 users from becoming victims of potential scam operations.
Notwithstanding advancements in threat detection capabilities, large-scale security breaches continue to pose a significant danger to the industry. Data published by Chainalysis indicates that cryptocurrency hacks generated $3.4 billion in aggregate losses throughout last year, highlighting the magnitude of the ongoing security challenge.
