Physical Address
304 North Cardinal St.
Dorchester Center, MA 02124
Cryptocurrency exploits recorded a drop of more than 90% in February, with digital asset thieves able to steal only $35.7 million across the entire ecosystem.
This sharp decline marks the quietest month in terms of cryptocurrency security since March 2025, giving the sector a brief respite from frequent massive attacks that typically exceed nine figures.
Phishing and oracle attacks continue despite sharp drop in cryptocurrency theft
Data collected by Cirtec, a company specializing in blockchain security, revealed a sharp monthly decline. Massive January losses.
Furthermore, these numbers reflect a significant annual contraction. February of last year was dominated by an exceptional event: $1.5 billion hack on the Bybit platform, This is an exception that has greatly affected the annual security indicators.
Despite a general slowdown in digital crime activity, targeted attacks have continued to drain millions of dollars from DeFi protocols.
February 22 saw the largest cryptocurrency exploitation incident on the Stellar network.
Team mentioned Coil Odets A hacker has exploited the community-managed YieldBlox Blend pool. The attacker stole more than $10 million through a traditional attack on the weak liquidity oracle.
The attacker executed an unusual trade in the extremely low liquidity USTRY/USDC market, artificially inflating the price of the token by 100 times.
This led to a spoofing of the protocol’s rating system, which allowed the attacker to carry out massive loans without adequate collateral.
A day earlier, on February 21, the IoT blockchain project was exposed IOTEX suffers major hack after private key leak.
While Certek estimated the losses at around $9 million, the IOTEX team confirmed that the amount stolen was closer to $2 million.
Security researchers noted that the attacker used the compromised key to access the token vault, quickly replacing the stolen assets with eth and transferring them to Bitcoin via cross-chain bridges.
The first three incidents were rounded out by the theft of $2.2 million from FoamCash, a privacy protocol.
The report said the attacker exploited a cryptographic vulnerability to falsify zkSNARK proofs, allowing them to create fake digital credentials that the protocol accepted, allowing them to withdraw large amounts of tokens.
Cryptocurrency phishing attacks are still a concern
Beyond the risks related to smart contract vulnerabilities, phishing scams remain a persistent threat, specifically accounting for $8.5 million in total losses in February.
The cryptocurrency phishing sector has seen a recent boom, driven by the emergence of professional “drainer-as-a-service” providers such as AngelDrainer and InfernoDrainer.
These platforms allow fraudsters to carry out large-scale malicious operations with a minimum of technical expertise. These services provide fraudsters with a built-in toolkit that includes fake websites, fake social media accounts and automated smart contract scripts.
In exchange for providing this illegal infrastructure, the operators receive a percentage of all stolen funds.
