Key Takeaways
- Digital asset security breaches resulted in losses between $26.5M and $35.7M during February, marking the lowest point since March 2025
- A $10M oracle manipulation attack targeting YieldBlox’s lending platform on Stellar represented the month’s most significant breach
- The IoTeX blockchain platform suffered roughly $8.9M in losses due to a compromised private key on February 21
- Monthly losses declined by more than 69% compared to January’s $86M figure, and substantially below February 2025’s $1.5B Bybit incident
- Phishing operations continue as a major vulnerability, responsible for $8.5M in February damages
The cryptocurrency sector experienced a dramatic reduction in theft and fraud during February, reaching its lowest monthly total since March 2025. Leading blockchain security monitoring firms PeckShield and CertiK independently verified the downturn, reporting aggregate losses between $26.5 million and $35.7 million throughout the period.
This represents a steep decline from January’s $86 million in documented losses—a reduction exceeding 69% in just one month. The February 2026 figures also stand in stark contrast to the same month last year, when the massive $1.5 billion Bybit exchange compromise dominated the statistics.
Security researchers documented 15 separate incidents during February, though two major exploits accounted for the majority of stolen funds. The most substantial loss came from YieldBlox, a decentralized autonomous organization operating a lending protocol on the Stellar blockchain, which lost $10 million.
The breach occurred on February 22 when a malicious actor took advantage of shallow liquidity within the USTRY/USDC trading pair. Through a single manipulated transaction, the attacker artificially pumped the token’s valuation by 100 times its actual worth, deceiving the protocol into permitting massively undercollateralized loan withdrawals.
The second-most damaging incident struck IoTeX, a blockchain platform focused on Internet-of-Things applications, on February 21. An unauthorized party obtained access to a private key controlling the project’s token vault.
The perpetrator rapidly converted the stolen digital assets into ETH before transferring them through cross-chain bridges to Bitcoin. While CertiK’s assessment placed losses near $9 million, IoTeX’s internal evaluation suggested approximately $2 million in actual damages.
Foom.Cash, a privacy-focused protocol, experienced the third-largest breach at $2.2 million. The attacker discovered a cryptographic vulnerability that enabled them to fabricate zkSNARK proofs, generating fraudulent digital credentials that the system validated as legitimate.
Factors Behind the Decline
PeckShield analysts highlighted that February avoided any catastrophic “mega-hack” comparable to the Bybit breach, which significantly limited total losses. A substantial Bitcoin price downturn in the month’s early days, with valuations falling beneath $70,000, also appeared to redirect attention away from protocol vulnerabilities.
Dominick John, an analyst at Kronos Research, suggested that enhanced risk management protocols, more stringent counterparty verification processes, and upgraded real-time surveillance systems across major exchanges likely played a role in reducing incidents. He emphasized that artificial intelligence-powered code audits and automated security scanning tools are identifying vulnerabilities at earlier stages.
Phishing Threats Persist
While overall losses decreased dramatically, phishing schemes remained a significant concern. These social engineering attacks were responsible for $8.5 million of February’s documented losses.
The proliferation of “drainer-as-a-service” operations such as Angel Drainer and Inferno Drainer has lowered the technical barrier for conducting sophisticated phishing campaigns. These platforms supply replica websites, counterfeit social media profiles, and pre-programmed malicious smart contracts to attackers in exchange for a percentage of the stolen cryptocurrency.
PeckShield recommended that both institutional players and high-net-worth individual investors implement multi-signature cold storage solutions and maintain rigorous private key security protocols.
Despite ongoing concerns, wallet drainer-related losses have shown a positive trend year-over-year, declining from $494 million throughout 2024 to $83.85 million in 2025.
