{"id":141547,"date":"2026-03-12T03:00:02","date_gmt":"2026-03-12T03:00:02","guid":{"rendered":"https:\/\/mycryptomania.com\/?p=141547"},"modified":"2026-03-12T03:00:02","modified_gmt":"2026-03-12T03:00:02","slug":"crypto-thieves-pivot-to-phishing-as-protocol-hacks-decline-in-february","status":"publish","type":"post","link":"https:\/\/mycryptomania.com\/?p=141547","title":{"rendered":"Crypto Thieves Pivot To Phishing As Protocol Hacks Decline In February"},"content":{"rendered":"<p>Bybit blocked more than $300 million in unauthorized withdrawals during the final quarter of last year \u2014 a figure that puts February\u2019s total <a href=\"https:\/\/www.coingecko.com\/en\/coins\/bitcoin\" target=\"_blank\" rel=\"noopener\">crypto<\/a> theft losses in sharp relief.<\/p>\n<p>According to security firm <a href=\"https:\/\/www.nominis.io\/insights\/nominis-monthly-report-crypto-hacks-and-attacks-in-february-2026\">Nominis<\/a>, close to $50 million was stolen across the entire crypto industry last month, a fraction of what Bybit alone says it turned away in just three months.<\/p>\n<h2>Attackers Home In On Human Error<\/h2>\n<p>The drop from January\u2019s $385 million in losses might look like progress, but security researchers say the more significant story is where the attacks are coming from.<\/p>\n<p><a href=\"https:\/\/www.imperva.com\/learn\/application-security\/social-engineering-attack\/\" target=\"_blank\" rel=\"noopener\">Social engineering<\/a> \u2014 scams that trick people into handing over access \u2014 caused more cumulative damage in February than traditional software exploits did.<\/p>\n<p>Phishing campaigns climbed sharply during the month, with criminals sending fraudulent messages designed to get users to click malicious links or sign transactions they shouldn\u2019t.<\/p>\n\n<p>The most common method was authorization abuse. Victims were manipulated into granting wallet permissions without realizing what they\u2019d approved.<\/p>\n<p>Once those permissions were in place, attackers could move funds out freely. Private individuals bore the brunt of these attacks, not exchanges or large protocols.<\/p>\n\n<h2>One Breach Drove Most Of The Damage<\/h2>\n<p>A single incident accounted for most of February\u2019s losses. <a href=\"https:\/\/www.halborn.com\/blog\/post\/explained-the-step-finance-hack-january-2026\" target=\"_blank\" rel=\"noopener\">Step Finance<\/a>, a portfolio analytics platform built on Solana, was drained of approximately $30 million. Strip that one event out, and February would have been remarkably quiet by recent standards.<\/p>\n<p>The broader numbers back that up. Blockchain security company <a href=\"https:\/\/x.com\/PeckShieldAlert\/status\/2028052972543127797\" target=\"_blank\" rel=\"noopener\">PeckShield<\/a> put February losses at $26.5 million \u2014 the lowest monthly figure since March 2025.<\/p>\n<p>PeckShield credited stronger risk controls and better security practices across the industry for part of the decline.<\/p>\n<p>Big Losses Still Loom Over The Industry<\/p>\n<p>Even with a quieter month on the books, the industry\u2019s annual toll remains staggering. Data from <a href=\"https:\/\/www.chainalysis.com\/blog\/crypto-hacking-stolen-funds-2026\/?utm_source=chatgpt.com\" target=\"_blank\" rel=\"noopener\">Chainalysis<\/a> shows crypto hacks cost the industry $3.4 billion last year. That figure underscores how much ground still needs to be covered before theft can be called a contained problem.<\/p>\n<p>Bybit\u2019s own numbers offer a window into how much active work that requires. The exchange said its fraud systems flagged roughly 350 high-risk addresses and stopped around 8,000 users from falling into potential scams \u2014 all in a single quarter.<\/p>\n<p>Reports indicate that while large-scale protocol attacks appear to be easing, the rise in scams targeting everyday users signals that criminals are simply redirecting their efforts.<\/p>\n<p>Better smart contract audits and stronger on-chain monitoring may be closing one door. But as long as people can be deceived into approving the wrong transaction, another door stays open.<\/p>\n<p><em>Featured image from Trillium Mutual Insurance<\/em><em>, chart from TradingView<\/em><\/p>","protected":false},"excerpt":{"rendered":"<p>Bybit blocked more than $300 million in unauthorized withdrawals during the final quarter of last year \u2014 a figure that puts February\u2019s total crypto theft losses in sharp relief. According to security firm Nominis, close to $50 million was stolen across the entire crypto industry last month, a fraction of what Bybit alone says it [&hellip;]<\/p>\n","protected":false},"author":0,"featured_media":141548,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4],"tags":[],"class_list":["post-141547","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-discovery"],"_links":{"self":[{"href":"https:\/\/mycryptomania.com\/index.php?rest_route=\/wp\/v2\/posts\/141547"}],"collection":[{"href":"https:\/\/mycryptomania.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mycryptomania.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"replies":[{"embeddable":true,"href":"https:\/\/mycryptomania.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=141547"}],"version-history":[{"count":0,"href":"https:\/\/mycryptomania.com\/index.php?rest_route=\/wp\/v2\/posts\/141547\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/mycryptomania.com\/index.php?rest_route=\/wp\/v2\/media\/141548"}],"wp:attachment":[{"href":"https:\/\/mycryptomania.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=141547"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mycryptomania.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=141547"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mycryptomania.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=141547"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}