{ "id": 63176, "date": "2026-03-12T10:09:18", "date_gmt": "2026-03-12T03:09:18", "guid": { "rendered": "https:\/\/hbbgroup.net\/crypto-thieves-pivot-to-phishing-as-protocol-hacks-decline-in-february\/" }, "modified": "2026-03-12T10:09:18", "modified_gmt": "2026-03-12T03:09:18", "slug": "crypto-thieves-pivot-to-phishing-as-protocol-hacks-decline-in-february", "status": "publish", "type": "post", "link": "https:\/\/hbbgroup.net\/en_us\/crypto-thieves-pivot-to-phishing-as-protocol-hacks-decline-in-february\/", "title": { "rendered": "Crypto Thieves Pivot To Phishing As Protocol Hacks Decline In February" }, "content": { "rendered": "
\n

Bybit blocked more than $300 million in unauthorized withdrawals during the final quarter of last year \u2014 a figure that puts February\u2019s total crypto<\/a> theft losses in sharp relief.<\/p>\n

According to security firm Nominis<\/a>, close to $50 million was stolen across the entire crypto industry last month, a fraction of what Bybit alone says it turned away in just three months.<\/p>\n

Attackers Home In On Human Error<\/h2>\n

The drop from January\u2019s $385 million in losses might look like progress, but security researchers say the more significant story is where the attacks are coming from.<\/p>\n

Social engineering<\/a> \u2014 scams that trick people into handing over access \u2014 caused more cumulative damage in February than traditional software exploits did.<\/p>\n

Phishing campaigns climbed sharply during the month, with criminals sending fraudulent messages designed to get users to click malicious links or sign transactions they shouldn\u2019t.<\/p>\n

<\/p>\n

The most common method was authorization abuse. Victims were manipulated into granting wallet permissions without realizing what they\u2019d approved.<\/p>\n

Once those permissions were in place, attackers could move funds out freely. Private individuals bore the brunt of these attacks, not exchanges or large protocols.<\/p>\n

<\/p>\n

One Breach Drove Most Of The Damage<\/h2>\n

A single incident accounted for most of February\u2019s losses. Step Finance<\/a>, a portfolio analytics platform built on Solana, was drained of approximately $30 million. Strip that one event out, and February would have been remarkably quiet by recent standards.<\/p>\n

The broader numbers back that up. Blockchain security company PeckShield<\/a> put February losses at $26.5 million \u2014 the lowest monthly figure since March 2025.<\/p>\n

PeckShield credited stronger risk controls and better security practices across the industry for part of the decline.<\/p>\n

BTCUSD trading at $69,268 on the 24-hour chart: TradingView<\/a><\/figcaption><\/figure>\n

Big Losses Still Loom Over The Industry<\/h3>\n

Even with a quieter month on the books, the industry\u2019s annual toll remains staggering. Data from Chainalysis<\/a> shows crypto hacks cost the industry $3.4 billion last year. That figure underscores how much ground still needs to be covered before theft can be called a contained problem.<\/p>\n

Bybit\u2019s own numbers offer a window into how much active work that requires. The exchange said its fraud systems flagged roughly 350 high-risk addresses and stopped around 8,000 users from falling into potential scams \u2014 all in a single quarter.<\/p>\n

Reports indicate that while large-scale protocol attacks appear to be easing, the rise in scams targeting everyday users signals that criminals are simply redirecting their efforts.<\/p>\n

Better smart contract audits and stronger on-chain monitoring may be closing one door. But as long as people can be deceived into approving the wrong transaction, another door stays open.<\/p>\n

Featured image from Trillium Mutual Insurance<\/em>, chart from TradingView<\/em><\/p>\n<\/p><\/div>", "protected": false }, "excerpt": { "rendered": "

Bybit blocked more than $300 million in unauthorized withdrawals during the final quarter of last year \u2014 a figure that […]<\/p>", "protected": false }, "author": 5, "featured_media": 63180, "comment_status": "open", "ping_status": "open", "sticky": false, "template": "", "format": "standard", "meta": { "_acf_changed": false, "footnotes": "" }, "categories": [ 220 ], "tags": [], "class_list": [ "post-63176", "post", "type-post", "status-publish", "format-standard", "has-post-thumbnail", "hentry", "category-tien-dien-tu" ], "acf": [], "_links": { "self": [ { "href": "https:\/\/hbbgroup.net\/en_us\/wp-json\/wp\/v2\/posts\/63176", "targetHints": { "allow": [ "GET" ] } } ], "collection": [ { "href": "https:\/\/hbbgroup.net\/en_us\/wp-json\/wp\/v2\/posts" } ], "about": [ { "href": "https:\/\/hbbgroup.net\/en_us\/wp-json\/wp\/v2\/types\/post" } ], "author": [ { "embeddable": true, "href": "https:\/\/hbbgroup.net\/en_us\/wp-json\/wp\/v2\/users\/5" } ], "replies": [ { "embeddable": true, "href": "https:\/\/hbbgroup.net\/en_us\/wp-json\/wp\/v2\/comments?post=63176" } ], "version-history": [ { "count": 0, "href": "https:\/\/hbbgroup.net\/en_us\/wp-json\/wp\/v2\/posts\/63176\/revisions" } ], "wp:featuredmedia": [ { "embeddable": true, "href": "https:\/\/hbbgroup.net\/en_us\/wp-json\/wp\/v2\/media\/63180" } ], "wp:attachment": [ { "href": "https:\/\/hbbgroup.net\/en_us\/wp-json\/wp\/v2\/media?parent=63176" } ], "wp:term": [ { "taxonomy": "category", "embeddable": true, "href": "https:\/\/hbbgroup.net\/en_us\/wp-json\/wp\/v2\/categories?post=63176" }, { "taxonomy": "post_tag", "embeddable": true, "href": "https:\/\/hbbgroup.net\/en_us\/wp-json\/wp\/v2\/tags?post=63176" } ], "curies": [ { "name": "wp", "href": "https:\/\/api.w.org\/{rel}", "templated": true } ] } }