Crypto-related hacks declined sharply in February, but attackers are increasingly targeting users through phishing campaigns and malicious wallet approvals — a shift suggesting they are focusing more on exploiting human behavior than on vulnerabilities in smart contracts.

According to Nominis’ monthly report, roughly $49 million was lost to crypto-related exploits in February.

A single breach involving Step Finance, a portfolio dashboard and analytics platform built on the Solana blockchain, accounted for the bulk of the losses, with attackers draining approximately $30 million.

The February figure marks a steep decline from the $385 million stolen in January. While one month of data does not necessarily indicate a sustained trend, the…