Assault, home invasion and hostages. Crypto ransom violence is on the rise — here’s how you can protect yourself

Crypto crime is going offline.

​According to the latest “Skynet Wrench Attacks Report” by blockchain security firm CertiK, there’s a troubling rise in attacks using physical violence, intimidation, or coercion to steal digital assets. These attacks, called “wrench attacks” against cryptocurrency holders, force them to surrender their private keys or passwords.

Between 2024 and 2025, there was a 75% jump in wrench-attack crimes, with a 250% surge in physical assaults. In total, there were 72 of these cases in 2025, but CertiK notes these are only the ones that authorities know about. The report’s authors believe these could represent just the “tip of the iceberg” due to underreporting. (1)

Must Read

• Robert Kiyosaki issues grim warning for baby boomers. Many could be ‘wiped out’ and homeless ‘all over’ the country. How to protect yourself now

​Even with this available information, that’s a 44% increase in stolen crypto between 2024 and 2025. In dollar terms, the victims of these assaults lost approximately $40.9 million last year alone.

​Although crypto violence is rising around the world, Europe is the most dangerous zone with 40.3% of total wrench attacks. In France, there’s now one crypto theft-related kidnapping every two to three days. (2)

​CertiK highlighted one particularly gruesome case from France involving David Balland, who co-founded the hardware wallet brand Ledger. In January 2025, an organized group of criminals abducted Balland and his wife and tortured them for 48 hours — including cutting off one of Balland’s fingers — in an attempt to steal €10 million in crypto. Thankfully, the 10 suspects are now in custody, and Balland and his wife are reportedly safe. (1)

​All of these data points led CertiK to conclude that “physical violence is now a core threat vector in the crypto ecosystem.”

​From brute force to physical force

Although hacks still happen in crypto, the above statistics show criminals are now targeting investors and project leaders rather than apps and storage devices. Phil Ariss, who works for the blockchain intelligence company TRM Labs, told CoinDesk that, he is “seeing a shift from ‘find a wallet’ to ‘hunt a person.'” (2)

​CertiK referred to this as a “technical paradox” in its report. The “paradox” is that, as encryption standards improve in wallets and exchanges, it becomes more time-consuming and expensive to break into these accounts, leading criminals to turn toward human vulnerabilities like fear and pain.

​Another tragic irony is that many of crypto’s defining traits make it more desirable for thieves.

​The FBI notes that, because cryptocurrencies don’t have intermediaries, there’s no need to fear any friction like a bank flagging suspicious transfers. (3)

​Plus, crypto transactions are immutable. Once someone sends tokens on a blockchain, that transfer is fixed, and nobody has the authority to reverse it.

​With all of these features in place, CertiK doesn’t have much hope for a decline in person-focused crypto attacks. In fact, they warn that AI deepfakes will only ramp up these crimes as thieves use lifelike extortion videos or phone calls to prey on victims.

Read More: Almost 50 with no retirement savings? Here’s why you shouldn’t panic

Crypto security beyond cold storage

​In Phill Ariss’s interview with CoinDesk, he identified “the biggest avoidable mistake” that makes people vulnerable to a physical crypto theft, which he says is “tying real-world identity, location, and routine too tightly to visible crypto wealth.” (2)

​CertiK put it more bluntly in their safety suggestions: “Stop flexing.” (1)

​Anyone holding crypto has to be extra cautious about how much they share online. CertiK strongly recommends keeping details such as your crypto wallets, portfolios, and travel plans off social media and forums.

​More criminals are using Open Source Intelligence (OSINT) to identify vulnerable targets, so staying silent is the best way to stay off their radar.

​Aside from keeping quiet about crypto activities, CertiK suggests creating a decoy wallet. Some wallets let you use an “optional passphrase” to create a second “hidden” wallet with the seed phrase generated during setup. With this strategy, you have plausible deniability because you can give away the legitimate seed phrase while keeping the other wallet a secret.

​In general, cold storage devices are best for storing cryptocurrencies because they keep your valuable private keys offline. While this feature prevents hacks, it won’t do you much good in a physical assault.

​What could help in this extreme scenario is a time buffer, like a preset time-lock setting.

​Wallets with time locks make crypto unspendable for a few hours or days, even after a criminal initiates a transfer. While this isn’t foolproof, it gives you and authorities more time to hopefully catch the attackers and stop the transaction.

CertiK also says to contact authorities immediately if you’re receiving unsolicited codes for two-factor authentication (2FA) to your accounts. This is a warning sign that your data has been compromised and that criminals are actively tracking you.

​Overall, keeping a low profile and staying vigilant are your best defenses against these gut-wrenching attacks.

What To Read Next

Join 250,000+ readers and get Moneywise’s best stories and exclusive interviews first — clear insights curated and delivered weekly. Subscribe now.

Article Sources

We rely only on vetted sources and credible third-party reporting. For details, see our ethics and guidelines.

CertiK (1); CoinDesk (2); FBI Internet Crime Complaint Center (3)

This article provides information only and should not be construed as advice. It is provided without warranty of any kind.