Inside 2025’s Brutal Bitcoin Wrench Attacks—and the Coercion-Resistance Gap

As crypto prices climbed in 2025, a darker trend accelerated: real-world coercion. The industry still optimizes for remote hackers and malware, yet attackers increasingly bypass code by attacking the human. That gap—coercion resistance—defined the year. A public database maintained by Jameson Lopp, CTO at Casa, logged at least 65 wrench attacks in 2025, and practitioners expect many incidents never hit the record. The violence ranged from kidnappings to sexual assaults and murder.

What changed isn’t just the number of incidents—it’s the tradeoff calculus. When the on-chain prize swells, social engineering and force become the lowest-latency exfiltration path. The patterns are depressingly consistent: impersonation at the door, spoofed rideshares, sedation, and extended captivity aimed at extracting wallet access or seed phrases. Too many victims had significant balances on devices or accounts that could be moved under duress.

Case snapshots that shaped 2025 - France: Ledger co-founder David Balland was abducted with his wife in January and held for roughly 24 hours. Reports indicated one of Balland’s fingers was severed and sent to associates to pressure a ransom. In June, French police arrested a French-Moroccan national alleged to be the ringleader, tied to other kidnapping plots in May.

- Canada: A British Columbia family endured a 2024 home invasion that resurfaced in headlines at sentencing. Assailants posing as postal workers waterboarded the parents, threatened genital mutilation, and sexually assaulted their daughter—forcing explicit recordings—while draining about $1.6 million in crypto. One perpetrator received a seven-year sentence in November.

- London: Visiting from Portland, Oregon, Jacob Irwin-Cline entered a fake Uber and was allegedly dosed via a scopolamine-laced cigarette. While conscious but suggestible, he gave access to his accounts; around $72,000 in XRP and $50,000 in Bitcoin were taken. He was later abandoned in an unfamiliar area.

- New York City: Prosecutors charged two men with luring an Italian businessman to a residence, where he was allegedly bound, beaten, drugged, and subjected to electric shocks over multiple weeks to obtain crypto passwords, with threats against his relatives. Defense attorneys presented video they claim shows consensual behavior. John Woeltz and William Duplessie pleaded not guilty and were released on $1 million bail in July as proceedings continue.

- Vienna: In November, 21-year-old student Danylo K., son of Kharkiv’s deputy mayor, was ambushed in a hotel garage, forced to drive, beaten until his teeth fell out, doused in gasoline, and set on fire. Withdrawals from his crypto wallets were detected afterward. Two Ukrainian nationals were arrested in Ukraine after fleeing across the border.

My read: the security stack still prioritizes entropy and cold storage, while attackers target speed and compliance under fear. A wallet that’s perfect against keyloggers can still fail when someone shows up at your door. The fix isn’t another seed-phrase tutorial—it’s making coercion-resistant operations the default.

What needs to change - Time, velocity, and location controls by default: Withdrawal limits, mandatory cool-downs, and “travel mode” should be on by design. A coerced transaction that cannot settle immediately changes the attacker’s payoff.

- Multisig with asymmetric cosigners: Mix hardware and remote cosigners so a single person under duress can’t move size instantly. Design it so a remote cosigner can silently flag duress and enforce delays. Clear, credible decoy flows matter; if an attacker senses a dead end, violence can escalate.

- Plausible-deniability UX: Duress PINs, decoy accounts with meaningful balances, and passphrase-protected vaults should be standard, not hidden in advanced menus. The user experience must make a “quick, believable payout” possible while protecting the treasury via rate limits and time locks.

- Split knowledge and geography: Shamir secret sharing or seed splitting can help, but only if one share lives out of reach. Otherwise, you’ve added complexity without real-world separation.

- Custodial layering for higher-risk profiles: Qualified custodians with withdrawal delays, out-of-band callbacks, and geofencing reduce wrench risk. It trades some self-sovereignty for deterrence—an acceptable compromise for many HNW participants.

- Behavioral hygiene: Keep hot balances small. Remove exchange apps when traveling. Verify rides by plate, not app UI. Don’t accept items from strangers. Establish door protocols and vary routines. None of this is glamorous; it’s what actually reduces exposure.

- Preparedness and recourse: Incident runbooks, insurability (where available), and pre-established relationships with local law enforcement can improve outcomes. Victims often hesitate to report; a plan lowers that barrier.

Media attention around these cases can feel sensational, yet the lesson is practical: treat duress as a first-class threat model. Wallet teams, exchanges, and standards bodies should build coercion resistance into default settings and onboarding, not as opt-in “power features.” Markets may reward speed, but in 2025 the fastest thing in crypto was a coerced signature. That’s the part the industry can fix.