Crypto hacks drain $112.5M in Jan–Feb 2026; January dominated by few large exploits

Published: 2026-03-02 18:09:23 |

Crypto-related hacks and phishing attacks stole $112.53 million across January and February 2026, according to PeckShield. January accounted for $86.01 million from 16 incidents — a 1.42% year-on-year decline but a 13.25% month-on-month rise — driven by five major exploits: Step Finance ($28.9M), Truebit ($26.4M), SwapNet ($13.3M), Saga ($7M) and Makina Finance ($4.13M, $2.7M later recovered). February saw a sharp pullback to $26.52 million across 15 hacks (down 69.2% month-on-month and 98.2% year-on-year, the latter skewed by a $1.4B Bybit-related exploit in Feb 2025). February’s top incidents — YieldBlox DAO ($10M), IoTeX bridge ($8.8M), CrossCurve ($4.95M), FOOM Cash ($2.26M) and Moonwell ($1.8M) — made up ~98% of that month’s losses. PeckShield highlights concentration risk: a small number of high-value incidents and persistent vulnerabilities in cross-chain bridges and DeFi protocols. For traders: the data signals continued security risk and episodic volatility in DeFi and bridge-linked assets; monitor exploits, on-chain flows, and bridge activity as potential catalysts for short-term price moves and liquidity disruptions.

Bearish

The concentration of losses in a few large exploits and continued bridge/DeFi vulnerabilities is bearish for market sentiment, particularly for tokens associated with affected protocols and cross‑chain infrastructure. Large hacks typically trigger immediate sell pressure, outflows from affected pools, and temporary liquidity drains — increasing volatility and risk premia. February’s drop in aggregate losses is positive but driven by fewer high-severity events rather than structural fixes; phishing totals remain large, underscoring ongoing social-engineering risks. In the short term expect heightened volatility and downward pressure on tokens tied to exploited projects and on broader DeFi/bridge-related assets as traders de-risk. In the medium to long term, repeated high-value incidents can erode investor confidence, raise insurance and due-diligence costs, and slow capital inflows into risky DeFi products until stronger security measures and on-chain safeguards are demonstrably adopted. Historical parallels: major exploits (e.g., Ronin, Wormhole) caused sharp price hits for related tokens, asset flight from DeFi, and increased funding into security audits and bridge decentralization — a pattern likely to repeat.