Key Takeaways:
- CertiK estimates $40.9 million was lost to wrench attacks in 2025.
- Attacks are becoming more violent and organized.
- Over 40% of reported wrench attacks occurred in Europe.
Blockchain security firm CertiK has released new findings showing that $40.9 million was lost to crypto-related “wrench attacks” in 2025, alongside a 75% increase in reported incidents compared to the previous year.
A wrench attack is a type of crime where attackers use physical force, threats, or confinement to make someone hand over access to their cryptocurrency. Instead of hacking computers, criminals target people directly, often forcing victims to unlock wallets or reveal private keys.
Wrench attacks are no longer edge cases.
In 2025, wrench attacks rose 75%, with $40.9M in confirmed losses—solidifying targeted violence as a structural risk in digital asset ownership.
The Skynet Wrench Attacks Report is now live.
Read it here👇https://t.co/DRCQAMeRbV
— CertiK (@CertiK) February 2, 2026
According to CertiK’s Skynet Wrench Attacks Report, there were 72 verified cases worldwide in 2025. The report notes that these attacks are becoming more organized and violent, moving beyond isolated crimes into coordinated operations carried out by criminal groups across borders.
Violence on the rise
Kidnapping was the most common form of attack in 2025. However, CertiK found that physical assaults rose by 250% year-over-year, showing a sharp increase in brutality.
In many cases, attackers used intimidation or violence to pressure victims into transferring digital assets.
The report also warns that the true scale of losses may be higher.
Many victims do not report attacks due to fear, private settlements, or the difficulty of tracing ransom payments.
Europe now the most affected region
One of the report’s key findings is a shift in where these attacks are happening.
Europe accounted for more than 40% of all recorded wrench attacks, making it the most dangerous region globally. France recorded the highest number of incidents, with 19 confirmed incidents, surpassing the United States.
CertiK attributes this trend to criminals using publicly available information, such as social media posts and online profiles, to identify individuals who may hold large amounts of cryptocurrency.
Different types of wrench attacks
CertiK classifies wrench attacks into several categories, including:
- Armed robbery
- Blackmail
- Extortion
- Home invasion
- Kidnapping
- Murder
- Robbery
- Torture
- Physical assault
- Ransom
In the most extreme cases, the report documents incidents involving loss of life. One of the most serious cases involved Danylo Kuzmin (son of Ukrainian deputy mayor) in Austria. In December 2025, he was lured to a parking garage in Vienna, where attackers forced him to reveal access to his crypto wallets.
Around $200,000 in cryptocurrency was taken. Kuzmin was later killed, making it one of the most extreme and tragic wrench attacks documented in the report.
🚨BREAKING: 🇺🇦 21-year-old Danylo Kuzmin, son of Ukrainian deputy mayor was murdered on november 26th in Vienna for $200,000 in crypto assets.
He was beaten and forced to disclose his cryptocurrency wallet passwords, and burned alive in his car by two Ukrainian suspects.
Be… pic.twitter.com/lENoJdAZ69
— Ash Crypto (@AshCrypto) December 14, 2025
These classifications help show how attackers use different levels of force, from threats and pressure over time to sudden, violent confrontations.
What this means for crypto users
CertiK says the rise of wrench attacks marks a turning point for crypto security. Protecting digital assets is no longer just about software and passwords; it also involves personal safety and privacy.
The firm recommends separating personal identity from crypto ownership, limiting public exposure, using shared or multi-party wallet setups, and thinking about physical security in the same way people think about online risks.
As crypto adoption grows, CertiK warns that physical coercion is now a real and growing threat that users can no longer afford to ignore.
