Crypto Hackers Target Users, Not Code in February
BTC
+1.11%
ETH
+1.55%
CUSDT
+0.00%
XTZ
+2.24%
AAVE
+4.26%
ONT
+2.20%

Cryptocurrency losses in February stemmed primarily from compromised user accounts and social engineering rather than code vulnerabilities, according to analysis of major incidents. Nominis found that the most vulnerable aspects of the crypto ecosystem are human behaviors and operational practices, not the blockchains themselves, as attackers increasingly target users instead of exploiting technical flaws.

Several significant attacks in February demonstrated this shift toward user-focused exploitation. YieldBlox, a decentralized finance lending platform, lost approximately $10.2 million after an attacker modified its collateral pricing logic to enable unauthorized borrowing beyond permitted limits. The incident highlighted how administrative access and logic manipulation — rather than code exploits — can result in substantial losses.

A cross-chain protocol bridge connected to the Axelar network suffered approximately $3 million in losses when an attacker exploited flawed validation logic in the contract processing incoming messages. Additionally, investigators traced more than $61 million in cryptocurrency connected to a pig butchering investment fraud scheme, successfully obtaining legal forfeiture of the funds through blockchain analysis.

According to Nominis, February’s losses indicate a fundamental change in attack vectors. Rather than discovering zero-day vulnerabilities or code exploits, attackers are increasingly targeting compromised user accounts, misleading transactional requests, and users copying incorrect wallet addresses. These social engineering and operational security failures now represent the primary loss vectors in cryptocurrency, overshadowing technical vulnerabilities in blockchain infrastructure itself.

As attackers continue targeting user-level vulnerabilities, cryptocurrency platforms may increasingly focus on user education, account security improvements, and transaction verification mechanisms rather than solely on code audits and technical upgrades.

Users should enable multi-factor authentication on all cryptocurrency accounts, verify wallet addresses independently before sending funds, remain skeptical of unsolicited investment opportunities, use hardware wallets for significant holdings, and regularly audit account access logs for unauthorized activity.

Follow Hashlytics on Bluesky, LinkedIn , Telegram and X to Get Instant Updates

RELATED ARTICLESMORE FROM AUTHOR