Crypto-related hacks fell sharply in February, but attackers are increasingly targeting users through phishing campaigns and verifying dubious wallets — a shift that shows they’re more focused on exploiting human behavior than vulnerabilities in smart contracts.
According to Nominis’ monthly report, around $49 million was lost to crypto-related exploits in February.
A single breach of Step Finance, a portfolio dashboard and analytics platform built on the Solana blockchain, accounted for the bulk of the losses, with attackers wiping out around $30 million.
That number represents a sharp drop in February from the $385 million stolen in January. While the monthly data doesn’t necessarily indicate a steady trend, the decline suggests that large-scale exploits of the protocols have become less prevalent over the period.
Nominis said that social engineering attacks caused more cumulative damage than traditional smart contract exploits, and that phishing campaigns increased sharply during the month. These attacks typically trick users into interacting with malicious links or signing fraudulent transactions.
Instead of centralized exchanges or decentralized financial protocols, individuals were the most common victims.
The most common attack method was permission abuse, where victims unknowingly gave wallet permissions that allowed attackers to transfer funds from their accounts.
The numbers are broadly in line with separate reports from blockchain security firm PeckShield, which estimated that crypto mining hit $26.5 million in February, the smallest monthly loss since March 2025. PeckShield attributes the decline in part to tighter risk controls and improved security practices across the industry.
related to: South Korea sells $21.5 million worth of bitcoin after jailbreak
Crypto security is improving, but major exploits continue
Hacks and scams have been a constant feature of the cryptocurrency industry since its early days, although exchanges and security firms say defenses are gradually improving.
Crypto exchange Bybit recently reported that its fraud prevention system blocked more than $300 million in unauthorized withdrawals in the last quarter of last year. The company said it has flagged around 350 high-risk fraud addresses and prevented around 8,000 users from falling victim to potential scams.
Despite improvements in detection systems, large-scale attacks remain a major threat to the industry. According to Chainalysis, crypto breaches caused a total of $3.4 billion in damages last year, underscoring the scale of the threat.
related to: Google Reveals iOS Exploit Kit Used in Crypto Phishing Attacks
