Crypto losses fall 87% for February as attackers shift from protocols to people

Total crypto losses from attacks drop enter 87% for February to $49.3 million, Nominis (blockchain security firm) talk, after January wey around $385 million. The drop na because fewer big protocol-level exploits, but attackers don dey target people and operational weak points more. The biggest wahala na the Solana-based Step Finance compromise: one executive device wey dem compromise make dem comot 261,854 SOL (≈$27–40m), weh make Step suspend core services and e account for over 60% of February losses. Some technical exploits still happen — YieldBlox lose about $10.2m via oracle manipulation and CrossCurve lose roughly $3m because Axelar message validation get problem; IoTeX also report cross-chain minting/validation issue. Social-engineering attacks rise, like address-poisoning (send look-alike addresses), malicious token approval scams (trick users to give increaseAllowance-like approvals), phishing, and exposed seed phrases wey cost users hundreds of thousands dollars. Law enforcement activity increase: US authorities seize funds linked to pig-butchering fraud (reported sums differ) and new Scam Center Strike Force don freeze hundreds of millions in stolen crypto. Nominis conclude say the main risk vector don shift from exploitable protocol code to compromised accounts, team devices, and operational errors. For traders, main takeaways be higher counterparty and custody risk — prioritize hardware wallets, multisig and strict key custody, verify addresses and transaction approvals, limit private-key/device exposure, and watch projects with admin keys or oracle dependencies for operational vulnerability.