Wallet concessions caused the biggest losses in the crypto sector in February. How can you protect yourself?

A recent report on security in the crypto ecosystem reveals that wallet giveaways led cryptocurrency losses in February, at $16,6 million.

Web3 security firm Certik shared its latest report on financial incidents within the digital asset ecosystem during February. According to the data, the total value lost to attacks and fraud reached 37,7 million, a figure that shows a significant improvement, as it is the lowest level of monthly losses since March 2025.

The report indicates that the reduction in the value of losses is not due to a decrease in the number of incidents or attacks, but rather to the superior effectiveness of the defense protocols. The firm suggests that improved security protocols They have strengthened the protection of users and projects linked to the Web3 environment.

Furthermore, one of the report's highlights is the recovery or freezing of nearly 30% of the affected funds, equivalent to approximately $11,3 million. This achievement was made possible by the swift action of cybersecurity specialists and the support of major asset exchange platforms, which responded quickly to these attacks to limit the damage.

In general, analysts interpret these results as a sign of an industry that is consolidating its ability to respond to digital threats and moving towards a more reliable ecosystem for participants.

DeFi and AI account for the biggest losses from hacks in February

During the last month, the digital wallet breach It positioned itself as the leading cause of fund loss in the crypto ecosystem, according to the report published by Certik. The incidents linked to unauthorized access to electronic wallets They caused capital outflows of $16,6 million, an amount that exceeded the losses derived from price manipulation, which reached $11,4 million, and from phishing, with $8,5 million affected.

The firm's report indicates that Decentralized Finance (DeF) protocols were the hardest hit, with a total of $14,3 million in losses. Projects integrating artificial intelligence (AI) also experienced a significant impact, with $8,9 million compromised in the last month. Certik explains that these digital wallet breaches occur when a malicious individual or group manages to obtain the private keys These are seed phrases that protect users' digital assets, allowing them to move funds without manipulating the code or leaving obvious traces. In other words, they occur when a user grants permission to a malicious smart contract to spend their assets without restrictions.

Among the most relevant cases that occurred in February, Certik mentioned the incident of YieldBlox, with estimated losses of $10,59 million, and the attack on the protocol IoTeXwhich recorded a breach of $8,9 million. Although the amounts are still considerable, the firm emphasizes that they represent a marked improvement compared to the previous year's figures, when individual attacks frequently exceeded $50 million per protocol.

The firm's analysts they stood out The losses recorded in the crypto ecosystem last February represent the lowest monthly figure since March 2025, which they consider a key indicator reflecting the constant progress of protocols in the protection of digital funds and in the best security practices adopted in the sector.

Fewer losses and more vigilance in blockchain security

During the period analyzed, the CertiK report showed a positive shift in the blockchain security landscape. Although technical incidents continued, total losses They were reduced by 60% compared to JanuaryThis is a sign that the sector is reacting with greater coordination and users are acting more cautiously in safeguarding their digital funds.

The report also revealed that programming errors resulted in approximately $5 million in losses, while exit scams caused just over $2 million. These figures point to a clear trend: attackers are now looking to exploit outright vulnerabilities or manipulate markets internally, rather than designing fraudulent projects from scratch.

CertiK noted that DeFi protocols remain the preferred targets of cybercriminals due to the abundant liquidity they handle. However, he also warned of an increase in the attacks targeting video game platformsespecially through "address poisoning," a tactic that combines deception and technical precision, and which resulted in approximately $1,4 million in losses during February.

How to protect your assets against risks?

Security remains one of the most sensitive issues in the cryptocurrency ecosystem. Given the rise in attacks aimed at gaining control of digital wallets, experts from the firm warn that protecting digital assets begins at the proper management of credentialsEvery mistake when entering a private key or sharing sensitive information can open the door to irreversible losses, so verify the legitimacy of the platforms It is essential to do this before entering any data.

In operations involving large sums of capital or requiring greater security, analysts recommend adopting multiple signature schemesThis practice distributes authorization for movements and reduces the risk of unauthorized access. They also highlight the importance of revoke permissions once interacting with new DeFi protocolsbecause many smart contracts retain indefinite access to a wallet's funds if the user does not manually adjust those permissions.

Another common tactic in recent frauds is the poisoning of addressesThis is a technique in which attackers insert addresses almost identical to the originals into the user's history to redirect transactions. Therefore, experts advise... Carefully review each character of the destination address before confirming any shipment and avoid copying data from the transaction log.

Experts conclude that digital hygiene education and the constant updating of devices are fundamental measures for strengthening security. Often, attacks don't depend on technical failures, but rather on the manipulation of the visual environment with which the user interacts. Therefore, the implementation of these practices, coupled with sustained progress in the responsiveness of platforms, defines the current level of protection within the Web3 universe.