Blockchain security company PeckShield released its monthly security report on Sunday via the X platform. Data shows that the total losses from cryptocurrency hacking and scams in February 2026 dropped to $26.5 million, the lowest monthly level since March 2025. PeckShield pointed out that the absence of mega-scale hacker attacks, market volatility leading to strategic shifts, and continuous improvements in security measures are the main reasons for this decline.
February Crypto Loss Analysis: Two Major Incidents Account for Most of the Damage
(Source: PeckShield)
In February, there were 15 security incidents, but only two caused the majority of losses, indicating that attacks are becoming more concentrated rather than dispersed.
Largest Crypto Security Incidents in February
YieldBlox (February 21): A price manipulation attack stole $10 million from a DAO-managed lending pool, making it the biggest single incident of the month.
IoTeX (February 21): A decentralized identity protocol lost about $8.9 million due to private key leakage, ranking as the second-largest loss in February.
Total Share: These two incidents combined account for $18.9 million, over 70% of February’s total losses.
Notably, the massive incident in February 2025 when Bybit was hacked for $1.5 billion is not reflected in this report. PeckShield spokesperson noted that this structural factor significantly contributed to the sharp decline in February’s data.
Three Main Reasons for the Decline in Losses and Future Outlook
PeckShield spokesperson told Cointelegraph that early February saw a sharp market correction, with Bitcoin falling below $70,000, shifting industry focus from protocol exploits to institutional deleveraging and algorithmic sell-offs. “During high volatility periods, strategic focus often shifts from protocol vulnerabilities to managing market liquidity,” the spokesperson explained.
Kronos Research analyst Dominick John added that the decline in losses also reflects enhanced risk controls at major trading venues, higher standards for counterparties, and improved real-time monitoring: “Capital is becoming more selective, favoring protocols with mature security frameworks.” He predicts that as audits, monitoring, and institutional risk frameworks mature, losses may continue to decrease throughout the year, with AI-driven code reviews and automated vulnerability scans further accelerating this trend.
However, phishing remains a persistent threat. Despite a significant drop in wallet theft losses in 2025 (from $494 million to $83.85 million), PeckShield warned: “Malicious actors are no longer primarily trying to hack contracts but are increasingly focusing on attacking individuals. For institutions and whale users, multi-signature cold storage solutions are crucial.”
Frequently Asked Questions
Why did crypto losses in February 2026 drop to recent lows?
PeckShield cites three main reasons: the absence of mega-scale attacks like the $1.5 billion Bybit hack in 2025; market volatility shifting hacker strategies from protocol exploits to liquidity manipulation; and continuous security enhancements and risk controls at major trading venues.
What was the biggest crypto security incident in February?
The largest incident was YieldBlox’s price manipulation attack, resulting in a $10 million loss. The second was IoTeX’s private key leak, with about $8.9 million lost. Both occurred on February 21, accounting for over 70% of the month’s total losses.
Will crypto security continue to improve in the future?
Kronos Research analyst Dominick John expects losses to keep decreasing as audits, monitoring, and institutional risk frameworks mature. AI-driven automated vulnerability scans will help detect issues earlier, but the rapidly evolving ecosystem remains a challenge. The shift toward attacking individuals through phishing requires ongoing vigilance.
Disclaimer: The information on this page may come from third parties and does not represent the views or opinions of Gate. The content displayed on this page is for reference only and does not constitute any financial, investment, or legal advice. Gate does not guarantee the accuracy or completeness of the information and shall not be liable for any losses arising from the use of this information. Virtual asset investments carry high risks and are subject to significant price volatility. You may lose all of your invested principal. Please fully understand the relevant risks and make prudent decisions based on your own financial situation and risk tolerance. For details, please refer to
Disclaimer.
Related Articles
SlowMist: Beware of Fake imToken Chrome Extension
PANews March 6 News, SlowMist Technology Chief Information Security Officer 23pds issued a warning to beware of fake imToken Chrome extensions. A fake imToken Chrome extension in the Chrome Web Store can phishing for seed phrases and private keys.
GateNews2h ago
Absurd: Korean Fraud Convict Dead for 7 Years Resurrects, Court Sells Cryptocurrency to Compensate Victims
A South Korean fraudster was finally deported after being declared dead seven years ago. The court revoked his missing person declaration, and his frozen assets of approximately $60,000 were used to compensate the victims. This incident exposed numerous flaws in the South Korean judicial system and sparked widespread criticism of digital asset management, prompting the government to undertake comprehensive reforms.
動區BlockTempo2h ago
FBI Arrests Court Security Officer in Cryptocurrency Theft Case, $46 Million Stolen Mystery Unveiled
The FBI in the United States arrested John Daghita on Saint Martin Island for allegedly illegally accessing $46 million in cryptocurrency managed by a sheriff's office. The case originated from on-chain detective ZachXBT's tracking, revealing vulnerabilities in government digital asset custody and raising questions about third-party custody security. It has not yet been confirmed whether the stolen assets have been recovered.
MarketWhisper3h ago
PsiQuantum quantum computing facility breaks ground, potentially capable of cracking Bitcoin
PsiQuantum's million-qubit facility in Chicago has officially broken ground. In collaboration with NVIDIA, they plan to build powerful quantum computers. The facility could challenge Bitcoin's encryption technology, sparking discussions on cybersecurity. Threat assessments of quantum computers show that early UTXO wallets are the most vulnerable, and some experts believe that quantum computers will not have a significant impact on Bitcoin within the next ten years. PsiQuantum emphasizes that they have no intention of attacking Bitcoin, but the risks of technological diffusion still need to be monitored.
MarketWhisper4h ago
HypurrFi discloses an "Rounding Error" vulnerability in the early version of Aave V3, and has suspended new lending in the XAUT0 and UBTC markets.
HyperEVM's HypurrFi posted a message on the X platform that the previous version of Aave V3 3.5 has a "rounding error" vulnerability, which attackers can exploit to extract underlying tokens. Affected markets have suspended related operations, user funds are safe, and the team is working together to resolve the issue.
GateNews4h ago
