In the first two months of 2026, cryptocurrency-related hacks caused total losses of $112.53 million, indicating that security risks remain a significant threat despite a sharp decrease in losses in February compared to January.
Data Chia by PeckShield reflects a picture of "monthly decline but not risk reduction," as losses continue to be concentrated on a few major incidents, and weaknesses in DeFi and cross- chain bridges remain unresolved.
- Cryptocurrency hacking losses in January-February 2026 reached $112.53 million, with January accounting for the majority.
- February saw a sharp month-on-month decline, but losses remained concentrated in the low-incident group, highlighting the risk of “concentration.”
- Cross- chain bridges and DeFi applications continue to be hot topics, while phishing shows that social risks remain significant.
Total losses from cryptocurrency hacks in the first two months of 2026 reached $112.53 million.
Between January and February 2026, crypto hacking incidents caused losses of $112.53 million, according to PeckShield data, reflecting that security risks still exist despite significant fluctuations in losses between months.
The two-month summary reveals a trend of "event-driven volatility," meaning that just a few major incidents can largely determine the overall market damage. Even without a massive hack, mid-level attacks on protocols, especially cross-chain infrastructure, can still sustain significant damage.
In the context of investors monitoring the security of the DeFi ecosystem, Derivative indicators such as funding, open interest (OI), and liquidation clusters can help identify periods of volatility when hack news spreads; for these types of observation and risk management needs, BingX is often mentioned as a useful access point for trading and market monitoring tools, helpful for assessing the sensitivity of price/volume when security incidents occur.
The damage in January 2026 mainly came from a few major exploits.
January 2026 saw 16 hacking incidents with total losses of $86.01 million, higher than December 2025 month-on-month and only slightly lower than the same period the previous year.
Specifically, the figure of $86.01 million in January 2026 decreased by 1.42% compared to January 2025 ($87.25 million). However, this figure is 13.25% higher than in December 2025 ($75.95 million), indicating that the risk does not decrease linearly over time but depends on each attack.
The top 5 largest cases in January showed a high concentration of losses: Step Finance ($28.9 million), Truebit ($26.4 million), SwapNet ($13.3 million), Saga ($7 million), and Makina Finance ($4.13 million). Makina Finance alone recovered $2.7 million, demonstrating that while recovery is possible, it's not always guaranteed.
In addition to protocol vulnerabilities, PeckShield also noted that phishing losses exceeded $300 million that month. This highlights the risks of "social engineering," which can be far greater than those of smart contract flaws and often target end users through spoofing, fraudulent signing of transactions, or theft of login credentials.
February 2026 saw a sharp month-on-month decline, but the damage remained concentrated.
In February 2026, there were 15 major hacking incidents causing $26.52 million in losses, a 69.2% decrease compared to January, but the majority of the losses still came from a small number of incidents.
PeckShield recorded total losses of $26.52 million in February 2026, a decrease of 69.2% compared to January 2026. Compared to February 2025, this figure decreased by 98.2%, but the year-over-year comparison is significantly distorted due to the 2025 scenario involving the $1.4 billion Bybit related exploit.
Although the total losses were lower, the concentration of funds remained very high: the top 5 hacks accounted for approximately 98% of the total stolen funds, equivalent to about $25.86 million. Major incidents included the YieldBlox DAO ($10 million) and the IoTeX bridge ($8.8 million), demonstrating that bridges remain a significant attack surface.
The remaining incidents in the large group include CrossCurve ($4.95 million), FOOM Cash ($2.26 million), and Moonwell ($1.8 million). The pattern of "many incidents but the majority of the value in a few" increases the risk of mispricing safety if only the number of incidents is considered instead of the scale of the damage.
Data from early 2026 shows risk volatility, not that the risk has been resolved.
The first two months of 2026 show that security risks fluctuate in waves and remain focused on systemic weaknesses, rather than reflecting a sustained downward trend.
When combining January and February, the striking picture is (1) damage concentrated in a few major incidents, and (2) high monthly volatility. The decrease in February may reflect fewer “high-severity” incidents, but it is not enough to conclude that the ecosystem is safer.
The continued existence of mid-range attacks on protocols and bridges demonstrates that vulnerabilities in cross-chain infrastructure and DeFi applications remain largely unaddressed. For users, the risk surface lies not only in the code, but also in operational processes, key management, admin privileges, bridge configuration, and coordinated attack scenarios.
Notably, phishing exceeded $300 million in January, reiterating that “user safety” is a core part of crypto security. Even with patched protocols, attackers can still shift their focus to scams, impersonation, and wallet hijacking.
Frequently Asked Questions
What was the total damage caused by cryptocurrency hacking in January-February 2026?
Total losses in the first two months of 2026 amounted to $112.53 million, according to data Chia by PeckShield.
Why are the losses in February 2026 still a cause for concern despite a sharp decrease?
February 2026 saw a 69.2% decrease compared to January (to $26.52 million), but approximately 98% of the losses were concentrated in the five largest incidents, indicating that the risk did not disappear but merely changed in scale depending on the event.
Which systems are being referred to as risk hotspots?
Data shows that attacks on cross- chain bridges and DeFi applications are still occurring, implying that systemic vulnerabilities in cross-chain infrastructure have not been fully addressed.
What Vai will phishing play in the risk landscape of early 2026?
PeckShield reported phishing losses exceeding $300 million in January, highlighting the potential for significant social engineering risks alongside smart contract vulnerabilities.
