Blockchain security company PeckShield released its monthly security report on Sunday via the X platform. Data shows that the total losses from cryptocurrency hacking and scams in February 2026 dropped to $26.5 million, the lowest monthly level since March 2025. PeckShield pointed out that the absence of mega-scale hacker attacks, market volatility leading to strategic shifts, and continuous improvements in security measures are the main reasons for this decline.
February Crypto Loss Analysis: Two Major Incidents Account for Most of the Damage
(Source: PeckShield)
In February, there were 15 security incidents, but only two caused the majority of losses, indicating that attacks are becoming more concentrated rather than dispersed.
Largest Crypto Security Incidents in February
YieldBlox (February 21): A price manipulation attack stole $10 million from a DAO-managed lending pool, making it the biggest single incident of the month.
IoTeX (February 21): A decentralized identity protocol lost about $8.9 million due to private key leakage, ranking as the second-largest loss in February.
Total Share: These two incidents combined account for $18.9 million, over 70% of February’s total losses.
Notably, the massive incident in February 2025 when Bybit was hacked for $1.5 billion is not reflected in this report. PeckShield spokesperson noted that this structural factor significantly contributed to the sharp decline in February’s data.
Three Main Reasons for the Decline in Losses and Future Outlook
PeckShield spokesperson told Cointelegraph that early February saw a sharp market correction, with Bitcoin falling below $70,000, shifting industry focus from protocol exploits to institutional deleveraging and algorithmic sell-offs. “During high volatility periods, strategic focus often shifts from protocol vulnerabilities to managing market liquidity,” the spokesperson explained.
Kronos Research analyst Dominick John added that the decline in losses also reflects enhanced risk controls at major trading venues, higher standards for counterparties, and improved real-time monitoring: “Capital is becoming more selective, favoring protocols with mature security frameworks.” He predicts that as audits, monitoring, and institutional risk frameworks mature, losses may continue to decrease throughout the year, with AI-driven code reviews and automated vulnerability scans further accelerating this trend.
However, phishing remains a persistent threat. Despite a significant drop in wallet theft losses in 2025 (from $494 million to $83.85 million), PeckShield warned: “Malicious actors are no longer primarily trying to hack contracts but are increasingly focusing on attacking individuals. For institutions and whale users, multi-signature cold storage solutions are crucial.”
Frequently Asked Questions
Why did crypto losses in February 2026 drop to recent lows?
PeckShield cites three main reasons: the absence of mega-scale attacks like the $1.5 billion Bybit hack in 2025; market volatility shifting hacker strategies from protocol exploits to liquidity manipulation; and continuous security enhancements and risk controls at major trading venues.
What was the biggest crypto security incident in February?
The largest incident was YieldBlox’s price manipulation attack, resulting in a $10 million loss. The second was IoTeX’s private key leak, with about $8.9 million lost. Both occurred on February 21, accounting for over 70% of the month’s total losses.
Will crypto security continue to improve in the future?
Kronos Research analyst Dominick John expects losses to keep decreasing as audits, monitoring, and institutional risk frameworks mature. AI-driven automated vulnerability scans will help detect issues earlier, but the rapidly evolving ecosystem remains a challenge. The shift toward attacking individuals through phishing requires ongoing vigilance.
Disclaimer: The information on this page may come from third parties and does not represent the views or opinions of Gate. The content displayed on this page is for reference only and does not constitute any financial, investment, or legal advice. Gate does not guarantee the accuracy or completeness of the information and shall not be liable for any losses arising from the use of this information. Virtual asset investments carry high risks and are subject to significant price volatility. You may lose all of your invested principal. Please fully understand the relevant risks and make prudent decisions based on your own financial situation and risk tolerance. For details, please refer to
Disclaimer.
Related Articles
Sillytuna Hackers Move Over $10M in Stolen Crypto Funds
The Sillytuna hackers have laundered over $10M in stolen funds, primarily using Bitcoin and DAI, through exchanges and mixers to obscure the origins. Despite these movements, they still hold $19M in stolen assets.
BlockChainReporter2h ago
Shiba Inu: Alert Issued as SHIB Participant Social Media Account Gets Hacked - U.Today
Ragnarshib warns the Shiba Inu community about a hacked account belonging to Vet Kusama, currently used by scammers to send fraudulent messages. Users are advised not to interact with the account or its links until it is recovered.
UToday4h ago
IoTeX Releases ioTube Security Incident Report: Actual Losses Approximately $4.4 Million, Pledges Full Compensation to Affected Users
IoTeX reports that the ioTube cross-chain bridge incident on March 6 resulted in approximately $4.4 million in losses. 99.5% of the stolen assets have been frozen, and the team has committed to fully compensate affected users. The mainnet has resumed operation, and the attacker’s address has been blacklisted. Meanwhile, efforts are underway to promote decentralized governance and security audits.
GateNews7h ago
Prince Group is laundering 10.7 billion NT dollars in Taiwan! Developing their own "OJBK Wallet" to connect with underground currency exchanges.
Taipei District Prosecutors Office is investigating the Cambodia "Prince Group" money laundering case, indicting 62 individuals and 13 companies. The involved amount of money laundering is 10.7 billion, and assets worth 5.5 billion have been seized. The group used USDT and their self-developed "OJBK Wallet" to conduct cross-border money laundering, conceal criminal proceeds, and withdraw cash in multiple countries.
区块客9h ago
HypurrFi reveals that early versions of Aave V3 had a rounding error vulnerability, and the addition of new lending markets for XAUT0 and UBTC has been suspended.
HyperEVM's custodial lending protocol HypurrFi disclosed that previous versions of Aave V3 had a "rounding error" vulnerability, allowing attackers to extract underlying tokens. HypurrFi guarantees the safety of user funds, has paused supply and borrowing operations in affected markets, and is working with relevant parties to address security issues.
GateNews10h ago
AI agents bypass Cloudflare protection, encrypting DeFi front-end security faces further tests
Recently, the autonomous AI agent OpenClaw successfully bypassed Cloudflare defenses using the Scrapling library, raising concerns about DeFi security. Although the tool can legally scrape content, the potential risks remind developers to establish multiple layers of defense and avoid over-reliance on traditional protection measures.
GateNews11h ago
