The Alarming Rise of Crypto-Related Violence: How France Became a Hotspot

A disturbing trend is unfolding in France, where crypto holders are being targeted in increasingly brazen and violent attacks, known as 'wrench attacks.' This year alone, the country has witnessed at least 41 kidnappings and home invasions related to cryptocurrency, occurring at a rate of approximately one every two to three days. The situation has become so dire that government officials have taken to the stage at a recent blockchain conference to express their concern and announce plans to tackle the issue. Minister Delegate to the Interior Ministry, Jean-Didier Berger, revealed that a new set of measures is being developed in collaboration with Interior Minister Laurent Nuñez to address the growing problem. Although a prevention platform has already garnered thousands of registrations, authorities acknowledge that further action is necessary as incidents continue to escalate. France has become the epicenter of a global surge in wrench attacks, with security researchers and law enforcement data indicating that such attacks are becoming more frequent and violent worldwide. In 2025, there were 72 verified physical coercion incidents globally, representing a 75% increase from the previous year, according to data from Certik and crypto researcher Jameson Lopp. The term 'wrench attack' refers to the use of physical force to extract access to digital assets, often proving easier for attackers than attempting to break encryption. 'Every time a wrench attack is successful, it sends a message that crypto owners are lucrative targets,' Lopp noted. Unlike traditional bank transfers, crypto transactions are irreversible, allowing attackers to quickly move funds across wallets and chains once a victim authorizes a transfer under duress. Researchers have observed a shift in the way attackers identify victims, from targeting technical vulnerabilities to building profiles based on social media activity, public appearances, and leaked datasets. Attackers now track routines and identify points of weakness, with the biggest avoidable mistake being the tight linkage of real-world identity, location, and routine to visible crypto wealth. The problem is exacerbated when attackers receive insider information from government officials, as seen in a high-profile case where a French tax official sold sensitive data to wrench attackers. The pool of potential victims has expanded, with mid-level holders being increasingly targeted based on limited or indirect signals. Cases now involve families, with children being targeted alongside crypto-holding parents, making it challenging to categorize the severity of the attacks. In January 2025, Ledger co-founder David Balland was kidnapped in France, along with his partner, and subjected to a brutal attack that included the severing of one of his fingers. Other cases have involved prolonged captivity, torture, and even waterboarding and sexual violence. Lopp believes that both opportunistic and organized groups are involved, with signs of increasing coordination among attackers. TRM Labs' Phil Ariss has observed similar patterns, noting that some groups operate with defined roles and pre-planning, including surveillance and follow-home tactics. After obtaining funds, attackers tend to move quickly, frequently converting crypto assets into stablecoins and routing them across multiple chains to make recovery more difficult. France's role in this trend may be attributed to a mix of factors, including cases involving leaked personal data and cross-border criminal networks. Rising asset prices have increased the potential payoff from a single attack, while improvements in digital security have reduced the effectiveness of purely technical exploits. The increase in attacks has raised questions about the risks of self-custody, a core principle of cryptocurrency. Security experts recommend measures such as multi-signature setups, withdrawal delays, and spending limits to reduce risk by limiting access to funds under duress. 'If coercion cannot produce immediate access to the majority of funds, the risk and return change,' Ariss said. As crypto adoption grows, attacks are becoming more frequent and severe, transforming what was once a niche concern into a broader security risk.