Private cryptocurrency holders bore the brunt of losses from hacks, phishing, and digital theft in February 2026, according to blockchain intelligence firm Nominis. Investigators also flagged a newly identified strain of iOS malware that may be contributing to the shift in attacker focus toward individual users.
Retail Users Face Rising Share of Crypto Theft
Nominis reported that private wallet owners experienced the heaviest losses last month as threat actors intensified campaigns aimed at individuals rather than institutional targets. The trend reflects a broader pivot in crypto-related crime, where attackers increasingly leverage social engineering and account-takeover methods to compromise personal wallets, exchange accounts, and messaging platforms linked to recovery credentials.
New iOS Malware Highlights Mobile Risk
Researchers linked part of February’s surge in successful attacks to a newly identified iOS malware strain targeting crypto users. While technical details remain limited, the malware is engineered to compromise mobile devices used to manage wallets, potentially exposing sensitive data and facilitating unauthorized transactions. The emergence of dedicated mobile malware underscores the growing risk to users who rely on smartphones for wallet access, signing, and account recovery.
Common Attack Vectors
- Phishing pages imitating exchanges, wallet providers, or customer support portals.
- Malicious prompts or links that harvest seed phrases, private keys, or one-time passcodes.
- Wallet-drainer scripts triggered by deceptive signature requests or token approvals.
- Account takeovers via SIM swaps, email compromises, or messaging app hijacks.
Outlook
The concentration of losses among retail users suggests threat actors view individuals as comparatively vulnerable targets, particularly as mobile usage for crypto expands. Continued monitoring of the iOS malware campaign and coordinated responses from wallet providers, exchanges, and mobile platform vendors will be central to limiting the impact on consumers.