|
Getting your Trinity Audio player ready...
|
- Crypto losses dropped 87% in February 2026, falling from $385M in January to about $49M.
- A single breach at Step Finance accounted for nearly $30M in losses.
- Hackers are increasingly targeting users through social engineering rather than technical exploits.
Crypto security saw a significant improvement in February 2026, with total losses dropping sharply compared to the previous month. Yet the decline does not necessarily mean the threat landscape is improving. Instead, attackers are increasingly shifting their focus away from smart contract vulnerabilities and toward exploiting human behavior.
According to a report by blockchain security firm Nominis, the industry recorded roughly $49.3 million in losses during February, a steep 87% drop from January’s $385 million. While the numbers appear encouraging, the methods behind the attacks reveal a concerning trend: hackers are targeting people rather than code.
Major Breach Forces Step Finance Shutdown
A large portion of February’s losses came from a single incident involving Step Finance, a platform built on Solana.
Attackers reportedly gained access to an executive’s compromised device, allowing them to drain approximately 261,854 SOL, valued between $27 million and $40 million at the time of the breach. Because the compromised device had high-level administrative access, the attackers were able to move funds despite the platform’s smart contracts functioning as intended.
The incident was severe enough that Step Finance ultimately shut down its core services and associated initiatives, highlighting a growing vulnerability in crypto platforms: privileged access points controlled by individuals.
Social Engineering and Wallet Tricks on the Rise
Beyond large platform breaches, February saw an increase in social engineering scams targeting everyday users.
One tactic gaining traction is address poisoning, where attackers send small amounts of cryptocurrency from wallet addresses that closely resemble a victim’s frequently used addresses. If the victim later copies the wrong address from their transaction history, funds may be mistakenly sent to the attacker.
Another growing threat involves malicious approval transactions. Instead of trying to steal seed phrases, attackers now persuade users to sign permission requests such as “increaseAllowance.” Once approved, the attacker can later withdraw tokens directly from the victim’s wallet.
These approval-based scams alone resulted in more than $500,000 in losses during February.
Technical Exploits Still Occur
While human-focused attacks dominated the month, traditional technical exploits still appeared.
DeFi protocol YieldBlox lost about $10.2 million after attackers manipulated its price oracle system to borrow more assets than they had deposited. Meanwhile, cross-chain vulnerabilities impacted projects like CrossCurve and IoTeX, allowing attackers to mint tokens without proper backing.
Authorities are also becoming more aggressive in tackling crypto crime.
In the United States, investigators seized roughly $6.1 million from “pig-butchering” scam operations, while authorities in South Korea uncovered a $4.8 million theft linked to a seed phrase accidentally visible in a photograph.
Also Read: Google Researchers Uncover Massive iPhone Hack Targeting MetaMask & Uniswap Users
Meanwhile, a newly established enforcement initiative called the Scam Center Strike Force has already frozen more than $580 million in stolen crypto within its first three months.
February’s sharp decline in crypto losses suggests improved technical defenses, but the evolving tactics of attackers tell a different story. As hackers increasingly target human behavior rather than blockchain code, security awareness among users and administrators may become just as critical as smart contract audits.
Disclaimer: The information in this article is for general purposes only and does not constitute financial advice. The author’s views are personal and may not reflect the views of Chain Affairs. Before making any investment decisions, you should always conduct your own research. Chain Affairs is not responsible for any financial losses.
I’m a crypto enthusiast with a background in finance. I’m fascinated by the potential of crypto to disrupt traditional financial systems. I’m always on the lookout for new and innovative projects in the space. I believe that crypto has the potential to create a more equitable and inclusive financial system.
