How much have crypto wrench attacks cost victims so far in 2026?

CertiK documented $100M+ in losses across 34 verified global incidents in the first four months of 2026, up 41% year-on-year and tracking toward ~130 cases and several hundred million dollars for the full year.

Why is France the epicenter of crypto physical-crime activity in 2026?

Europe accounts for 82% of CertiK's verified wrench-attack cases in 2026, with France reporting roughly one incident every 2.5 days per the Ministry of the Interior. The country's cluster of crypto executives and a recent tax-official breach exposing holder profiles have made it a clear concentration point.

What is a crypto wrench attack?

A wrench attack uses kidnapping, assault, threats or other physical coercion to force a victim to transfer crypto, unlock an account, or surrender private-key access — bypassing the cryptographic and on-chain defenses that protect the wallet itself.

How is the crypto industry responding to physical-coercion threats?

Binance rolled out a withdrawal-lockdown feature that imposes a 1-to-7-day delay on off-platform transfers, explicitly designed for in-person coercion scenarios. Self-custody users are advised to layer multisig vaults, delayed spending policies and geographically distributed signing on top.

Why are wrench attacks harder to track than on-chain exploits?

Victims are often reluctant to report due to trauma and fear of retaliation, so even CertiK's verified counts are widely understood to be a fraction of the true total — unlike stolen-fund cases that can be traced across wallets and exchanges in real time.

🩸BEARISH 45d ago

CryptoSlate

Crypto Wrench Attacks Top $100M in Four Months: CertiK

CertiK counts 34 verified physical-coercion incidents since January — a 41% YoY jump — with Europe absorbing 82% of cases and France emerging as the continent's clearest concentration of…

Zipp Editorial Aggregated from CryptoSlate

Crypto Wrench Attacks Top $100M in Four Months: CertiK

Physical coercion of crypto holders has cost victims more than $100 million in the first four months of 2026, according to blockchain security firm CertiK, which documented 34 verified global incidents known as "wrench attacks." That count is up 41% from the same window last year and, if the current pace holds, would push full-year losses into the several-hundred-million range and surpass 2025 — already the most active year on record for crypto-related physical assaults.

Why it matters

Europe now accounts for 82% of CertiK's verified cases in 2026, with France emerging as the continent's clearest concentration. During Paris Blockchain Week, France's Ministry of the Interior reportedly identified 41 incidents tied to digital-asset coercion since January — roughly one attack every two and a half days — while reported cases in the US and Asia have declined over the same period. France's exposure tracks a visible cluster of crypto executives, founders and developers at firms like Ledger and Paymium, amplified by leaked personal data. CertiK cited a tax official, Ghalia C., accused of using government software to search for crypto-holder profiles before allegedly selling the information to criminal networks — the kind of breach that turns a wallet user into a physical target without any social-media display of wealth.

The pattern is also evolving toward proxy targeting: the January kidnapping of 84-year-old Nancy Guthrie, mother of journalist Savannah Guthrie, was tied to a $6 million BTC ransom demand and illustrated attackers going after relatives rather than primary holders. Earlier the same month, Chinese entrepreneur Yong Wang was abducted in Istanbul over a crypto-asset dispute and killed before ten suspects were arrested in China on an Interpol Red Notice. In March, a UK-based crypto figure known as Sillytuna said armed attackers forced a transfer of roughly $24 million in aEthUSDC, with funds bridged across chains and converted into Monero.

Market impact

The economics explain the migration. A criminal group does not need to defeat encryption, break a hardware wallet, or exploit a smart contract if it can force a victim to approve a transfer — and digital assets can be split across wallets, bridged between networks, or routed through mixers in minutes. Phil Ariss, director of UK public sector relations at TRM Labs, framed it as a natural evolution of organized crime: groups already comfortable with violence move toward whatever target offers the cleanest route to liquidity.

Industry response is starting to catch up.

#CryptoSecurity #WrenchAttacks $BTC #CertiK

Frequently asked questions

How much have crypto wrench attacks cost victims so far in 2026?

CertiK documented $100M+ in losses across 34 verified global incidents in the first four months of 2026, up 41% year-on-year and tracking toward ~130 cases and several hundred million dollars for the full year.
Why is France the epicenter of crypto physical-crime activity in 2026?

Europe accounts for 82% of CertiK's verified wrench-attack cases in 2026, with France reporting roughly one incident every 2.5 days per the Ministry of the Interior. The country's cluster of crypto executives and a recent tax-official breach exposing holder profiles have made it a clear concentration point.
What is a crypto wrench attack?

A wrench attack uses kidnapping, assault, threats or other physical coercion to force a victim to transfer crypto, unlock an account, or surrender private-key access — bypassing the cryptographic and on-chain defenses that protect the wallet itself.
How is the crypto industry responding to physical-coercion threats?

Binance rolled out a withdrawal-lockdown feature that imposes a 1-to-7-day delay on off-platform transfers, explicitly designed for in-person coercion scenarios. Self-custody users are advised to layer multisig vaults, delayed spending policies and geographically distributed signing on top.
Why are wrench attacks harder to track than on-chain exploits?

Victims are often reluctant to report due to trauma and fear of retaliation, so even CertiK's verified counts are widely understood to be a fraction of the true total — unlike stolen-fund cases that can be traced across wallets and exchanges in real time.

Source attribution

Aggregated from CryptoSlate · Verified · Last refreshed 45d ago

Open original →

Invesco SEC filing seeks tokenized stablecoin reserve fund onchain

Tether's $141B Treasury Holdings Put Stablecoins on Fed Radar

US Tells OpenAI to Halt GPT-5.6 Launch Pending Review