CertiK’s report indicates that in 2025, there were 72 confirmed violent attacks targeting cryptocurrency wallet holders worldwide, representing a 75% increase compared to 2024, resulting in losses of approximately $40.9 million. France accounted for the highest number with 19 incidents, making up 40% of all attacks globally. The Ledger founder was kidnapped in January, an Italian holder was tortured in New York in May, and the founder of SatoshiLabs reports that at least one attack occurs every week, making this a core threat.
Wrench Attacks Shift from Occasional Incidents to Systemic Threats
The so-called “Wrench Attack” refers to criminals using violence or threats to force cryptocurrency wallet owners to surrender their private keys or transfer assets. The term originates from a classic XKCD comic illustrating that even the strongest encryption cannot withstand physical violence with a wrench. As the value of cryptocurrencies skyrockets and the number of holders increases, this once-extreme attack method is evolving into a systemic threat.
CertiK emphasizes in its report: “Beyond direct financial losses, the psychological and reputational impacts are reshaping industry behavior, compelling founders and high-net-worth individuals to operate anonymously and relocate. 2025 marks a clear turning point: physical violence has now become one of the core threats within the crypto ecosystem.” This highlights the seriousness of the issue—it’s no longer just a tragedy for individual victims but a structural crisis affecting the entire industry’s operations.
A 75% annual growth rate is astonishing. This means that in 2024, there were about 41 confirmed cases, which surged to 72 in 2025. This growth far exceeds the increase in crypto market users, indicating that criminals are systematically targeting cryptocurrency wallet holders as high-value targets. Even more concerning, CertiK admits that the $40.9 million loss figure is only “confirmed,” and the actual amount could be several times higher due to “underreporting, silent settlements, and untraceable ransom payments.”
Many victims choose not to report or disclose incidents, fearing exposure of more wealth information, distrust of law enforcement, or private settlements with kidnappers. This dark figure makes it difficult to assess the true scale of wrench attacks, but it’s clear that public data only represents the tip of the iceberg. For crypto wallet holders, this is no longer a “possible” risk but a “current” reality.
Europe Becomes a Major Hub for Wrench Attacks
According to CertiK’s statistics, France recorded the highest number of attacks last year, with 19 confirmed cases, while Europe overall accounts for about 40% of all global attacks in 2025. This regional concentration warrants in-depth analysis. Why has Europe become a hotspot for wrench attacks? Possible reasons include high cryptocurrency adoption rates, relatively lax gun control laws that weaken victims’ resistance, and the ease of cross-border criminal networks within the Schengen Area.
Among the 19 cases in France, some involved high-profile crypto entrepreneurs and investors. Criminals track targets’ lifestyles, addresses, and schedules via social media, meticulously planning kidnapping operations. This “social engineering + violence” combination makes even security-conscious crypto wallet owners vulnerable. More alarmingly, some cases reveal that criminal gangs possess technical expertise, enabling them to force victims to authorize multi-signature wallets or unlock hardware wallets.
Some of the most notable attacks in 2025 highlight escalating threats. Ledger founder David Balland and his wife Amandine were kidnapped in January and ransom was demanded—shocking the industry, as the victims are top experts in hardware wallet security. Additionally, a report states that in May, an Italian crypto holder was kidnapped and tortured in New York City, demonstrating that these threats cross borders and even in well-ordered countries like the US, victims are not immune.
SatoshiLabs founder Alena Vranova stated in August: “Every week, at least one Bitcoin holder worldwide is kidnapped, tortured, extorted, or worse.” She added, “We’ve seen cases where crypto worth only $6,000 led to kidnapping, and others where $50,000 worth resulted in murder.” This reveals a frightening reality: the threshold for wrench attacks is rapidly lowering, targeting not just million-dollar whales but also ordinary users holding just a few thousand dollars.
Emergency Wallets and Protective Strategies
In response to threats of physical assault or intimidation, the industry is exploring technical solutions. The most discussed is the “Duress Wallet,” a crypto wallet designed with multiple protective features. When under threat, users can input a special “duress PIN” that triggers functions such as silently alerting contacts or law enforcement, displaying a fake small-balance wallet as bait, or automatically transferring assets to a pre-set secure address.
While theoretically feasible, practical implementation faces challenges. First, timing issues: blockchain transactions require confirmation time, and criminals might detect anomalies before the transfer completes. Second, trust issues: if the bait wallet shows too little, it could provoke violence. Third, complexity: emergency mechanisms need pre-configuration and simple operation but must avoid accidental triggers, demanding high standards in product design.
Five Key Protective Principles for Crypto Wallet Holders
Stay Low-Profile: Avoid publicly discussing holdings or transaction gains on social media to prevent becoming targets.
Enhance Physical Security: Consider relocating to safer areas, installing home security systems, and hiring professional security personnel.
Diversify Assets: Do not store all assets in a single wallet; use multi-signature setups and time locks.
Maintain Anonymity: Use pseudonyms in community participation, avoid revealing real identities and addresses.
Prepare an Emergency Plan: Develop response procedures with family members and pre-assign emergency contacts.
However, many experts advise that the most fundamental protection is: never publicly discuss your wealth or holdings. This simple principle is often overlooked; many victims later realize that attackers targeted them based on boastful posts on Twitter, Reddit, or Discord. While crypto’s anonymity is an advantage, it only works if holders keep a low profile.
Some high-net-worth individuals have taken extreme measures. Some prominent founders operate completely anonymously, using pseudonyms and hiding their identities. Others relocate to countries with strong legal systems and security, such as Singapore, Switzerland, or the UAE. Some hire private security teams for 24/7 monitoring. These measures are effective but costly and significantly impact quality of life, illustrating that wrench attacks have already materially changed how the crypto ecosystem functions.
Industry Response and Law Enforcement Challenges
CertiK’s report raises an alarm about crypto wallet security, but solving this problem requires cooperation across multiple sectors. Hardware wallet manufacturers need to embed stronger coercion protections; software wallet developers should provide emergency modes; exchanges and custodians must enhance privacy protections to prevent data leaks that could expose holders.
Law enforcement faces significant hurdles. The cross-border nature of crypto crimes allows kidnappers to operate across jurisdictions—demanding transfers to wallets in other countries, then laundering funds through mixers and decentralized exchanges. Such transnational crimes are extremely difficult to trace and prosecute. Victims often hesitate to cooperate, fearing further exposure or secondary attacks.
In the long term, the threat of wrench attacks may push the crypto wallet industry toward innovation. Future solutions could include biometric and geofencing-based authorization (auto-triggering alerts if unlocking occurs in abnormal locations), delayed transfers (large transactions requiring a 24-hour cooling-off period), and social recovery mechanisms (requiring multiple trusted contacts to confirm emergency actions). While these may sacrifice some convenience, they can greatly enhance security.
Related Articles
Galaxy: Quantum Computing Poses Real Threat to Bitcoin but Not Urgent Crisis, Approximately 7 Million BTC in Long-Term Exposure State
Galaxy Digital's head of research Alex Thorn points out that quantum computing poses a threat to Bitcoin, but the threat is not urgent and investors need not panic. Approximately 7 million BTC are at long-term risk, but current quantum computing capabilities cannot break the encryption, and developers have already proposed multiple solutions to address the issue.
GateNews1h ago
FBI Director Admits Spending Money to Buy "Location Data" to Track American Citizens! Blasted for Trampling Fourth Amendment
FBI Director Kash Patel admitted during Senate testimony that the FBI has tracked U.S. citizens by purchasing location data without court search warrants, sparking strong criticism from Senator Ron Wyden, who argued the practice violates the Fourth Amendment and called for legislative reform to restrict such conduct. This finding reveals that the government's use of commercial data poses widespread surveillance risks.
動區BlockTempo1h ago
Husband accuses wife of stealing over 2,000 bitcoins! Judge: The plaintiff has a very high chance of winning.
The UK High Court is hearing a Bitcoin theft case in which the plaintiff accuses his wife of stealing 2,323 bitcoins and covertly recording the seed phrase through surveillance equipment. The court found the evidence disadvantageous to the defendant, including recordings and seized devices. While some claims were dismissed, the plaintiff has a very high probability of success, and the court will maintain the asset freeze order.
区块客1h ago
UK Man Accuses Ex-Wife of Stealing 2323 BTC After Divorce, Worth Approximately $238 Million
Gate News reported that on March 19, a man accused his ex-wife of stealing over 2323 bitcoins from his wallet after their divorce and transferring them to a place he cannot access, with the assets involved valued at up to 180 million pounds (approximately 238 million US dollars). Plaintiff Ping Fai Yuen has filed a lawsuit against his ex-wife Fun Yung Li at the London court over this matter. According to London court ruling documents published on March 10, since the litigation was initiated, the bitcoins involved in the case have been valued at up to 180 million pounds.
GateNews1h ago
Israeli Journalist Receives Death Threats After Reporting, Are Polymarket "Bettors" Becoming Fanatics?
Israeli *Times of Israel* military reporter Emanuel Fabian recently disclosed that after reporting on an Iranian ballistic missile that struck an empty field in Beit Shemesh, a suburb of Jerusalem, he faced sustained harassment from bettors associated with Polymarket, including receiving death threats.
This incident is particularly striking not only because it involves frontline war reporting and a prediction market with a funding pool exceeding $14 million, but also because it reveals an increasingly acute question: when market participants' profits begin to depend on media narratives, public information, and even violent events themselves, is the prediction market truly "price discovery," or is it creating dangerous incentives for the real world?
Why did a frontline report trigger a mob of bettors?
"That day, I reported on the *Times of Israel*'s live blog that the missile struck an empty field, with no
区块客3h ago
Hackers Attack US Company P3 Global Intel, Steal Millions of Confidential Police Report Data
Gate News: On March 19th, hackers claimed to have breached U.S. company P3 Global Intel and stolen millions of confidential police report records. According to the hackers' disclosure, they used social engineering tactics to take over a customer account at P3 Global Intel, and subsequently exploited system vulnerabilities to access large amounts of data. P3 Global Intel is a company that provides anonymous reporting services to law enforcement agencies, and this data breach involves a significant amount of sensitive information.
GateNews3h ago
