- Crypto hacks totaled $112.53 million across January and February 2026, with January accounting for most losses.
- February saw a sharp decline in stolen funds, but losses remained concentrated in a few major incidents.
- Cross-chain bridges, DeFi protocols, and phishing attacks continue to pose systemic security risks.
Crypto hasn’t had the cleanest start to 2026. According to data shared by PeckShield, hacks across January and February resulted in $112.53 million in losses. That’s not catastrophic in the context of prior years, but it’s far from reassuring either.
February did show a noticeable slowdown. Still, when you zoom out and combine both months, the message is pretty clear: security risks aren’t fading. They’re just shifting shape.
January Carried the Heaviest Damage
January alone accounted for $86.01 million in losses across 16 separate hacks. Interestingly, that figure represents a slight 1.42% year-on-year decline compared to January 2025, which recorded $87.25 million in stolen funds. So technically, it’s “better.” But barely.
On a month-on-month basis, losses were actually 13.25% higher than December 2025’s $75.95 million. So the year didn’t exactly start on stable footing.
What stands out most is concentration. A handful of exploits drove the majority of damage. Step Finance topped the list with $28.9 million lost, followed closely by Truebit at $26.4 million and SwapNet at $13.3 million. Saga reported $7 million in losses, while Makina Finance lost $4.13 million, though about $2.7 million of that was later recovered.
And then there’s phishing.
PeckShield noted that phishing-related losses exceeded $300 million in January alone. That number dwarfs smart contract exploits and underscores something uncomfortable: social engineering remains one of crypto’s weakest links. Code can be audited. Human behavior, not so much.
February Declines Sharply, But Risks Persist
February’s numbers were significantly lower, at least on the surface. The sector recorded 15 major hacks totaling $26.52 million, a 69.2% drop from January. Year-on-year, the decline appears even more dramatic, down 98.2% compared to February 2025.
But that comparison comes with context. Last February included the massive $1.4 billion Bybit-related exploit, which distorted the baseline. Strip that out, and the improvement feels less dramatic.
Even with the lower aggregate figure, concentration remained high. The top five hacks in February accounted for roughly 98% of all stolen funds, or about $25.86 million.
YieldBlox DAO led the month with a $10 million loss. The IoTeX bridge followed at $8.8 million. CrossCurve reported $4.95 million, FOOM Cash $2.26 million, and Moonwell $1.8 million. Smaller numbers than January, yes. But still meaningful.
Volatility, Not Resolution
When you combine January and February, a pattern emerges. It’s not one of steady improvement. It’s one of volatility and concentration.
Large, headline-grabbing exploits may be less frequent than during peak bull market chaos, but mid-sized protocol and bridge attacks continue to surface. Cross-chain infrastructure, in particular, remains vulnerable. And DeFi applications still carry structural risk that hasn’t fully been engineered away.
February’s decline in losses offers a small sense of relief. But relief isn’t resolution.
For now, 2026 is shaping up as a reminder that crypto security isn’t a solved problem. It’s evolving. Sometimes tightening. Sometimes exposed. And always one exploit away from testing market confidence again.
