The Alarming Rise of Crypto-Related Violence: How France Became a Hotspot

A surge in violent attacks on cryptocurrency holders, known as 'wrench attacks,' has put France at the center of a global storm. These attacks, which involve the use of physical force to gain access to digital assets, have become increasingly frequent and brazen. As a result, the French government has taken notice, with officials acknowledging the severity of the problem and vowing to take action. The country has seen at least 41 crypto-related kidnappings and home invasions so far this year, a staggering rate of nearly one every two to three days. In response, the government is preparing a new set of measures to tackle the issue, including a prevention platform that has already drawn thousands of registrations. However, authorities admit that more needs to be done to address the growing problem. The rise of wrench attacks in France is part of a larger global trend, with security researchers and law enforcement data showing an increase in such incidents worldwide. In 2025, there were 72 verified physical coercion incidents globally, a 75% increase from the previous year. The term 'wrench attack' refers to the use of physical force to extract access to digital assets, often because it is easier to coerce a person than to break encryption. According to crypto researcher Jameson Lopp, 'every time a wrench attack is successful, it tells the world that crypto owners are juicy targets.' Unlike traditional bank transfers, crypto transactions cannot be reversed, making it easier for attackers to quickly move funds across wallets and chains. Researchers say that attackers are now identifying victims by building profiles, looking at social media activity, public appearances, and leaked datasets. They track routines and identify points of weakness, making it easier to target potential victims. The problem is exacerbated when attackers receive inside help from government officials, such as in a widely reported case where a French tax official sold sensitive data to wrench attackers. The pool of potential victims has widened, with mid-level holders increasingly being targeted, sometimes based on limited or indirect signals. Cases now include families, with children being targeted alongside crypto-holding parents, making the attacks harder to categorize by severity. In one notable case, Ledger co-founder David Balland was kidnapped in France along with his partner, and during the attack, one of his fingers was severed and sent to associates as part of a ransom demand. Other cases have involved prolonged captivity and torture, such as one in New York, where a crypto investor was held for more than two weeks. Lopp notes that both opportunistic and organized groups are involved, but there are signs of increasing coordination. TRM Labs's Phil Ariss says his team has observed similar patterns, noting that some groups operate with defined roles and pre-planning, including surveillance and follow-home tactics. After funds are obtained, attackers tend to move quickly, frequently converting crypto assets into stablecoins and routing them across multiple chains, making recovery more difficult. France's role in this trend may reflect a mix of factors, including cases involving leaked personal data and cross-border criminal networks. Rising asset prices have increased the potential payoff from a single attack, while improvements in digital security have reduced the effectiveness of purely technical exploits. The increase in attacks has raised questions about the risks of self-custody, a core principle of cryptocurrency. Some security experts point to measures such as multi-signature setups, withdrawal delays, and spending limits as ways to reduce risk by limiting how much can be accessed under duress. As crypto adoption grows, attacks are becoming more frequent and severe, turning what was once a niche concern into a broader security risk.