The Alarming Rise of Crypto-Related Violence: How France Became a Hotbed for Wrench Attacks

A surge in crypto-related kidnappings has placed France under the international spotlight, prompting government officials to take action against the rising tide of violence. This year alone, the country has experienced at least 41 crypto-related kidnappings and home invasions, occurring at a rate of roughly one every two to three days. In response, Jean-Didier Berger, Minister Delegate to the Interior Ministry, announced plans to introduce new measures to tackle the issue, including a prevention platform that has already garnered thousands of registrations. However, authorities acknowledge that further steps are necessary as incidents continue to escalate. The phenomenon of wrench attacks, which involves the use of physical force to extract access to digital assets, has become a global concern. According to security researchers and law enforcement data, the trend is on the rise, with 72 verified physical coercion incidents reported globally in 2025, representing a 75% increase from the previous year. Many more cases are believed to go unreported. The term 'wrench attack' refers to the use of physical force to coerce individuals into granting access to their digital assets, often proving easier for attackers than attempting to break encryption. 'Every time a wrench attack is successful, it sends a message that crypto owners are vulnerable targets,' crypto researcher Jameson Lopp noted. Unlike traditional bank transfers, crypto transactions are irreversible, allowing attackers to quickly move funds across wallets and chains once a victim authorizes a transfer under duress. Researchers have observed a shift in the way attackers identify victims, from targeting technical vulnerabilities to building profiles of individuals based on social media activity, public appearances, and leaked datasets. 'The biggest avoidable mistake is linking real-world identity, location, and routine too closely to visible crypto wealth,' Phil Ariss of TRM Labs warned. The problem is exacerbated when attackers receive insider information from government officials, as seen in a high-profile case where a French tax official sold sensitive data to wrench attackers. The pool of potential victims has expanded, with mid-level holders increasingly being targeted based on limited or indirect signals. Cases now involve families, with children being targeted alongside crypto-holding parents, making it challenging to categorize the severity of the attacks. Notable cases include the kidnapping of Ledger co-founder David Balland in France, who was rescued after a police operation, and incidents in New York and Canada, which involved prolonged captivity, torture, and other forms of violence. Lopp and Ariss agree that both opportunistic and organized groups are involved, with signs of increasing coordination among attackers. After obtaining funds, attackers tend to move quickly, frequently converting crypto assets into stablecoins and routing them across multiple chains, making recovery more difficult. France's role in this trend may be attributed to a combination of factors, including cases involving leaked personal data and cross-border criminal networks. Rising asset prices have increased the potential payoff from a single attack, while improvements in digital security have reduced the effectiveness of purely technical exploits. 'It's far easier than trying to rob a bank,' Lopp said. The increase in attacks has raised questions about the risks of self-custody, a core principle of cryptocurrency. Security experts recommend measures such as multi-signature setups, withdrawal delays, and spending limits to reduce risk by limiting access to funds under duress. 'If coercion cannot produce immediate access to the majority of funds, the risk and return change,' Ariss said. As crypto adoption grows, attacks are becoming more frequent and severe, transforming what was once a niche concern into a broader security risk.