As crypto investors caught their breath after a bruising start to the year, the tide of digital heists appeared to ease in February. According to new data from Nominis, hackers and scammers stole roughly $49.3 million across major incidents, down sharply from $385 million the month before.
Yet behind the seeming reprieve, experts warn of a more insidious threat: the rise of scams that don’t exploit code, but people. Nominis’ February 2026 report shows a clear pivot in attacker behavior.
Rather than exploiting smart contract flaws or blockchain infrastructure, many incidents relied on phishing, malicious approvals, and address poisoning.
- Winklevoss Twins Move $130M Bitcoin while Gemini Launches US Prediction Markets
- There Are Many Obstacles Behind the CLARITY Act Delay, but Stablecoin Yield Is Not One
- Retail Traders Are No Longer Buying Both: US Equity Share Hits 36%, Crypto Drops
Decline Follows January’s Heavy Losses
Victims often signed fraudulent transactions or unknowingly granted permission for attackers to access their wallets,a form of “authorization abuse” that accounted for most losses during the month.
Private users were hit hardest, while large platforms escaped major compromises. The biggest exception was a breach at Step Finance, a Solana-based analytics platform, which lost roughly $30 million after attackers infiltrated its infrastructure. That single attack made up more than 60% of all crypto losses in February.
Continue reading: Crypto Fraud Tops UK Agenda as £14B Losses Spur New Strategy
The steep drop from January’s $385 million has sparked cautious optimism among analysts. Blockchain Blockchain Blockchain comprises a digital network of blocks with a comprehensive ledger of transactions made in a cryptocurrency such as Bitcoin or other altcoins.One of the signature features of blockchain is that it is maintained across more than one computer. The ledger can be public or private (permissioned). In this sense, blockchain is immune to the manipulation of data, making it not only open but verifiable. Because a blockchain is stored across a network of computers, it is very difficult to tamp Blockchain comprises a digital network of blocks with a comprehensive ledger of transactions made in a cryptocurrency such as Bitcoin or other altcoins.One of the signature features of blockchain is that it is maintained across more than one computer. The ledger can be public or private (permissioned). In this sense, blockchain is immune to the manipulation of data, making it not only open but verifiable. Because a blockchain is stored across a network of computers, it is very difficult to tamp Read this Term security firm PeckShield reported similar findings, estimating $26.5 million in February exploits, its lowest figure since March 2025. The firm attributed the decline to stricter operational controls and improved monitoring systems across centralized exchanges and DeFi projects.
But the industry’s relative calm may be fragile. “Social engineering attacks caused more cumulative damage than smart contract Smart Contract A smart contract is a piece of software that automatically executes a pre-determined set of actions when a certain set of criteria or met. One of the key tenets of smart contracts is their ability to perform credible transactions without third parties and are self-executing, with their conditions written into the lines of code that form themAdditionally, these transactions are both trackable and irreversible. For example, a smart contract could be used to give royalty payouts to a musical artist A smart contract is a piece of software that automatically executes a pre-determined set of actions when a certain set of criteria or met. One of the key tenets of smart contracts is their ability to perform credible transactions without third parties and are self-executing, with their conditions written into the lines of code that form themAdditionally, these transactions are both trackable and irreversible. For example, a smart contract could be used to give royalty payouts to a musical artist Read this Term exploits,” Nominis noted, emphasizing a continued shift toward tactics that exploit human trust and interface confusion.
Better Defenses, but Not Immunity
Crypto platforms have been tightening fraud prevention measures. Bybit, for instance, revealed that its anti-fraud systems blocked more than $300 million in unauthorized withdrawals during late 2025, preventing thousands of potential scams.
Despite those advances, total losses across the sector remain staggering. Chainalysis estimated $3.4 billion in crypto stolen last year, underscoring persistent vulnerabilities even as defenses improve.
February’s data suggests that stronger code alone isn’t enough. The biggest risks now lie where technology meets behavior, permissions, signatures, and the everyday habits of wallet users.
