The cryptocurrency industry is urgently bolstering security measures following a spate of kidnappings,
assaults, and armed home invasions targeting crypto holders, Bloomberg reports.
At industry conferences (such as Bitcoin 2026 in Las Vegas), top executives now move around with bodyguards, while packed seminars teach attendees how to protect their assets during a home intrusion.
The transparency of blockchain technology allows criminals to easily identify their victims. According to data from CertiK, the number of physical assaults surged by 75% in 2025—totaling 72 confirmed incidents with losses amounting to $41 million. Casa’s database records a threefold increase in "wrench attacks"—acts of violence committed to extract passwords—since 2023.
"2025 marked a turning point: physical violence has now become the primary threat vector," notes CertiK.
France has emerged as a particular hotspot, experiencing a wave of attacks targeting the families of crypto entrepreneurs.
Exchanges are dramatically increasing their security budgets. In 2025, Coinbase spent $7.6 million on security for CEO Brian Armstrong—a 20% increase year-over-year. Gemini allocated $2.5 million each for the protection of the Winklevoss brothers (their current security contract costs $400,000 per month). According to Phil Ariss of TRM Labs, crypto companies are adopting banking industry practices: providing security details for top executives, fortifying offices, and keeping home addresses confidential.
Attackers identify their victims in advance by scouring blockchain databases and exploiting data leaks from exchanges.
"From an attacker's perspective, it represents low risk and a high return on investment (ROI)," explains Adam Healy, CEO of the security firm Station70. Experts advise creating decoy wallets and utilizing time-locks—mechanisms that prevent the instantaneous transfer of funds, such as under duress. One of the co-founders of a major crypto protocol revealed that he has distributed his assets across four physical storage facilities; each withdrawal requires his personal presence and is subject to a seven-day waiting period.
Offline threats are also being leveraged in cyberattacks. In April, hackers (suspected to be from North Korea) siphoned $285 million from the Drift exchange. They spent six months cultivating trust with the staff—networking at offline conferences and even depositing $1 million to establish credibility—before finally infecting the employees' devices.
The core premise of cryptocurrency—the elimination of intermediary banks—has effectively rendered the private key holder the single point of failure. A stolen key translates to an irreversible transaction.
"Criminals go where the money is," concludes Healy. "And crypto holders represent a unique combination of significant wealth and exceptional vulnerability."