Crypto-related security threats, that were once confined to network breaches and cyber attacks, have now taken a new turn. The crypto industry is reeling under the threats of physically invasive dangers including kidnappings, robberies, and home invasions, a Bloomberg report said on Tuesday.
The report notes the increase in hired, personal security details protecting crypto celebs, a trend which was on display at the Bitcoin 2026 conference in Las Vegas.
These physically invasive attacks are classified as “wrench attacks”. These include extortion, BTC ATM attacks, crypto robbery, and gunpoint threats. As per the report, cyber criminals have been using Web3 data leaks to identify individuals who hold high-value assets and set targets on them.
The news about these attacks have started to gain momentum since last year, after Ledger co-founder David Balland and his wife were abducted from their France residence by a gang that had demanded EUR 10 million in crypto ransom. Balland was brutally assaulted in the attack with the kidnappers having chopped one of his fingers. The French police was able to catch hold of this kidnapping gang that had comprised of ten individuals aged between 20 and 40.
The earliest instances of wrench attacks on members of the crypto community are from 2014 as per data on public domains.
Last year alone, these kinds of physical attacks on crypto holders rose by 75 percent hitting 72 cases in 2025. The losses from these attacks, as per a CertiK report, clocked $41 million. Such instances made it to the headlines from regions including the U.S., France, Thailand, Phillipines, and South Korea among others.
Source: GitHub
In light of the rising dangers of being physically attacked, more and more crypto leaders are now amping up their personal security while also improving the overall security provisions of the Web3 ecosystems.
Coinbase has reportedly spent around $8.7 million last year towards the security and protection measures of its CEO Brian Armstrong. In 2024, this expenditure was reported at around $6.2 million.
“In 2024, Mr. Armstrong received personal security services,” Coinbase had said in its filing with the SEC back in 2024. “We do not consider these risk-based security measures to be personal benefits, but rather, reasonable and necessary expenses for the benefit of our Company and our stockholders.”
Cameron and Tyler Winklevoss, the famous twin pair that own and run the Gemini exchange, are also doling out millions for their personal protection. In an April 2026 filing with the SEC, Gemini claimed that, “In 2025, the Company incurred approximately $5.0 million for the provision of security services to Messrs. Cameron and Tyler Winklevoss.”
In conversation with The Coin Headlines, cybersecurity company Check Point said that hackers are now using ransomware attacks wherein they are first taking unauthorized access of their victims’ devices and then locking the files until the demanded random is provided.
The availability of AI to malicious threat actors are estimated to only increase the level of dangers in the coming times, especially in countries with healthier economies, Check Point said. It named Indonesia, Saudi Arabia, UAE, Kuwait, China, and Italy among nations most at risk for sophisticated cyber attacks, especially ones fueled by AI.
“Cybercriminals used to target the richest countries because that’s where the money was. But with AI coming into play, things are changing. Now, attackers can run automated campaigns that hit thousands of targets simultaneously, so they go after whoever has the weakest defenses, regardless of money. In other words, AI makes it cheap to attack vulnerable systems at scale,” the security firm said alerting investors from these nations to beware.
However, it is noteworthy that wrench attacks targeting the crypto community, remain a statistically miniscule threat to an average crypto holder. For now, a majority of theft attacks around the digital assets sector continue to rely on online methods like phishing links, impersonation scams, rug pulls, malware, and smart contract exploits.