Crypto hacks and exploits resulted in approximately $37.7 million in losses in February 2026, marking the lowest monthly total since March 2025, according to data from Certik.
Wallet compromise incidents accounted for $16.6 million of the total, making it the largest loss category, while price manipulation attacks followed at $11.4 million and phishing schemes drained $8.6 million from victims.
YieldBlox recorded the largest individual exploit at $10.6 million, followed by IoTeX at $8.9 million and Foom at $2.3 million, underscoring the continued vulnerability of decentralised platforms.
DeFi protocols suffered the highest losses by sector at $14.4 million, while AI-related projects emerged as the second-largest target with $8.9 million in thefts, and gambling platforms lost $2.3 million.
Instadapp posted a $10.5 million incident, with EFX losing $8.9 million and smaller breaches affecting projects including Kasm, Initia and CryptoFarm, and following the announcement the Certik share price was unchanged at $N/A.
Funds returned or frozen totalled $11.3 million, representing roughly 30% of February’s losses and highlighting partial recovery efforts across affected platforms.
The February figure represents a sharp decline from January and most months in 2025, with Certik data indicating the drop was driven by fewer high-value exploits rather than a material reduction in overall attack frequency.