Around the world, attacks on people connected to crypto are becoming more frequent. CertiK believes that too little is said about such attacks, even though they are on the rise.
Since the beginning of 2026, the company has already confirmed 34 cases where crypto owners were attacked for access to their assets. These attacks are called wrench attacks. Usually, it follows one pattern: a person is threatened, kidnapped, or beaten so they themselves unlock access to their wallets.
Over the past year, such cases have increased significantly. According to CertiK, the growth has already reached 41%, and the total losses have exceeded $101 million. If the trend continues, by the end of 2026 the number of such attacks could approach 130 cases. That would mean losses in the hundreds of millions of dollars.
The term wrench attack originally appeared as a joke in the crypto community. The idea was simple: any protection is useless if a person can be forced to give up their password by force.
See also: Privacy and Transparency in Blockchain Are Not Contradictory. How It Works
Most attacks this year happened in January. At that time, 13 cases were confirmed. In February there were 5 attacks, in March 10, and another 5 were recorded in April.
Currently, the main wave of these crimes is happening in Europe. According to CertiK, it already accounts for 82% of all registered cases. For comparison, in all of 2025 the figure was about 40%.
One country that stands out is France. In the first months of 2026, there have already been 24 attacks on crypto owners. For comparison, in all of 2025 there were 20 such cases.
The situation has also drawn the attention of Telegram founder Pavel Durov. In April, he stated that in France alone, there have already been 41 kidnappings related to cryptocurrencies in just a few months. According to him, one of the main reasons is leaks of users’ personal data. When home addresses, tax information, and other data are leaked online, it becomes much easier for criminals to find victims. Because of this, crypto owners are easier to find and turn into targets for attacks.
At the same time, in North America such attacks have noticeably decreased. The number of cases dropped from 10 to 3. In Asia, the drop was even sharper, with the number of attacks falling from 25 to 2.
Attacks on Crypto Owners Reach a New Level
According to CertiK, modern wrench attacks are increasingly based on data hunting. Now criminals do not even have to track victims in person. In many cases, attackers simply find leaked data of crypto owners online. That is already enough to figure out who they can try to attack.
And more and more often, problems start not only for the investors themselves. Criminals often target family members or close associates to put pressure on the victim through them. They are used as tools for blackmail or coercion.
See also: AI Agents in Finance: What They Can Do, What They Don’t Understand, and Where They Fail
More than half of the attacks in France this year were connected specifically to family members of the main target. In some cases, relatives were kidnapped or attacked directly.
One of the most discussed cases was the kidnapping of the 84-year-old mother of journalist Savannah Guthrie. The criminals demanded $6 million in bitcoin for her release.
According to CertiK, many of these attacks are carried out by young groups. At the end of April, French police charged 88 people. Among them were more than ten minors. They are accused of kidnapping, extortion, unlawful detention, and money laundering.
How to Protect Yourself
Now, simply storing money in a cold wallet and setting strong passwords is not enough to protect your crypto. Experts advise not to show off your assets unnecessarily. The fewer posts about profits, transfers, expensive purchases, and a lavish lifestyle on social media, the lower the chance of attracting the wrong kind of attention.
Another important point is anonymity. It is better not to reveal which wallets belong to you. You should not link your crypto to your social media, personal accounts, or data that can be used to quickly find you. The less information about you is publicly available, the lower the chance of becoming a target for such attacks.
