Wrench Attacks Jump 75% in 2025, $41M Lost (CertiK)

Physical targeting of crypto users or their relatives—commonly described as “wrench attacks”—has moved from the periphery of risk discussions to a tangible threat, according to a security audit by CertiK. In a report on wrench attacks released on Sunday, CertiK said there were 72 verified cases worldwide in 2025 in which crypto holders faced direct physical harm. The firm notes that such attacks are “no longer edge cases,” with physical assaults and kidnappings rising by roughly 75% versus 2024. The early data indicate a crisis that could influence behavior across the ecosystem, from founders to high-net-worth individuals, as risk management extends beyond digital defenses into the real world.

“Beyond direct losses, the psychological and reputational fallout is reshaping behavior across the industry, pushing founders and high-net-worth individuals toward operational anonymity and geographical relocation,” CertiK stated. “2025 marks a clear inflection point: physical violence is now a core threat vector in the crypto ecosystem.”

According to the audit, losses confirmed to date total $40.9 million, though CertiK cautions the figure may be understated due to under-reporting, silent settlements, and ransoms that leave little trace. France recorded the largest number of attacks in 2025 with 19 confirmed incidents, while all of Europe accounted for about 40% of global wrench-attacks activity that year. The security community is now grappling with a threat that blends street-level danger with the same financial complexities that have shaped crypto crime for years.

In a related context, observers have highlighted that the threat matrix goes beyond the wallet. A piece on wrench-attacks dynamics, including rising violence, underscores how the community must adapt from purely digital security practices to holistic risk mitigation that acknowledges the real-world risks faced by holders. The discussion has also encompassed debates around how to improve safety without disclosing wealth or inviting targeted surveillance.

Among the most high-profile incidents in 2025 were cases that drew international attention: the kidnapping of Ledger founder David Balland and his wife, Amandine, in January, which underscored how high-profile crypto figures can become targets. A separate case in May involved an Italian crypto holder who was reportedly kidnapped and tortured during a visit to New York City. These events illustrate the severity and unpredictability of wrench-attacks, prompting calls for a more layered security approach that spans home security, travel protocols, and protective logistics for principals and their families.

Industry voices have long warned that no amount of online security can fully avert physical risk if wealth is openly discussed or visible. “Every week, there is a Bitcoiner, at least one in the world, who gets kidnapped, tortured, extorted, and sometimes even worse,” said Alena Vranova, founder of SatoshiLabs, in August, emphasizing that even in the crypto space, personal safety remains a critical concern. “We have seen cases of kidnappings for as little as $6,000 worth of crypto, and we have seen people murdered for $50,000 in crypto.”

Possible solutions to wrench attacks

To counter the threat, researchers and practitioners have proposed protective measures such as “panic wallets” that could trigger emergency responses, wipe balances under duress, or generate decoys to mislead attackers. The concept aims to provide a rapid, verifiable means of signaling danger without exposing a holder’s entire holdings or wealth. Nonetheless, security professionals caution that effective risk management goes beyond gadgetry; it requires disciplined personal security practices. Experts advise that crypto holders should limit the visibility of their holdings and avoid broadcasting wealth in public settings, a principle that remains a cornerstone of physical-security best practices.

Several voices in the field emphasize that technology alone cannot solve the problem. Even with new tools, industry watchers remind investors to exercise situational awareness at events and in daily routines, since high-profile gatherings can attract attention from would-be attackers. As the dialogue around wrench attacks evolves, the community continues to weigh the balance between privacy, precaution, and the practicalities of safeguarding digital assets in a world where violence can intersect with financial crime.

Magazine: 6 weirdest devices people have used to mine Bitcoin and crypto

https://www.youtube.com/embed/kyNQ5YoFkWo

Key takeaways

• 72 verified wrench-attack cases were recorded worldwide in 2025, with physical assaults and kidnappings up about 75% versus 2024.
• Confirmed losses reached $40.9 million, though actual figures may be higher due to under-reporting and untraceable ransoms.
• France had the most incidents in 2025 (19 confirmed), while Europe accounted for roughly 40% of global wrench-attacks activity.
• High-profile cases, including the January kidnapping of Ledger founder David Balland and his spouse, and a May kidnapping in New York City, highlight the real-world stakes.
• Experts advocate for safety innovations like panic-wallet concepts while stressing conventional precautions—don’t disclose wealth, stay aware at events, and integrate physical-security planning into crypto strategies.

Market context: The wrench-attacks trend unfolds against a backdrop of evolving crypto risk management. As custody services, insurance offerings, and regulatory scrutiny advance, physical risk remains a nontrivial factor that intersects with digital security and crime-fighting efforts, influencing how the industry approaches user protection and privacy.

Why it matters

For users and investors, the CertiK findings translate into a tangible reminder that wealth in crypto is not solely at risk from hacks or exploits. The realization that violence and coercion can threaten individuals and families adds a human dimension to risk models that previously focused on on-chain threats. Institutions, including exchanges and wallet providers, must weigh whether to integrate protective protocols for high-net-worth clients, alongside standard security measures like secure storage and risk assessments. The report also prompts developers and policymakers to consider pragmatic safety features—without creating new avenues for misuse—that can complement existing security protocols and insurance products.

For builders and operators, the wrench-attack phenomenon underscores the importance of a holistic security posture. This means blending digital safeguards with physical-security standards, controlled disclosure practices, and travel security guidance. In an environment where attackers may exploit social and geographical vulnerabilities, the industry’s resilience depends on coordinated efforts across technical teams, legal counsel, and security professionals to minimize exposure while preserving user privacy and decentralization principles.

What to watch next

• Updates from CertiK on wrench-attack patterns and any escalation in 2026, including regional hotspots and new attack vectors.
• Adoption and evaluation of panic-wallet concepts or other safety tools by crypto firms and high-net-worth individuals.
• Regulatory or insurer responses that address physical risk in crypto ownership, including travel and personal security guidelines for executives.
• Industry benchmarks on safe disclosure practices and privacy-preserving protections for holders in high-risk environments.

Sources & verification

• CertiK wrench-attacks report: 72 verified 2025 cases and $40.9 million in confirmed losses.
• France recorded 19 incidents in 2025; Europe accounted for about 40% of global wrench-attacks activity.
• High-profile cases: Ledger founder David Balland and spouse kidnapped in January 2025; a separate Italian investor reportedly kidnapped in NYC in May 2025.
• Quote from Alena Vranova, SatoshiLabs founder, on weekly kidnappings and related risk narratives.
• Discussion of panic-wallet concepts as potential mitigation alongside cautions about public disclosure of holdings.

Why it matters

In sum, wrench attacks compel a rethinking of crypto security that bridges digital safeguards with real-world safety measures. The ongoing incidents reinforce the need for practical risk management among individuals and institutions, including physical-security planning, incident response protocols, and prudent communication about holdings. For users, this translates into a more cautious posture when traveling, attending events, or discussing wealth in public. For the broader market, the trend highlights how security challenges remain diverse—spanning on-chain exploits, regulatory developments, and the human element that underpins the crypto economy’s continued growth and trust.

This article was originally published as Wrench Attacks Jump 75% in 2025, $41M Lost (CertiK) on Crypto Breaking News – your trusted source for crypto news, Bitcoin news, and blockchain updates.