CertiK Releases Skynet Report: 'Wrench Attacks' Surge 75% in 2025, Physical Violence Becomes Major Threat in Crypto Space

marsbit发布于2026-03-31更新于2026-03-31

文章摘要

CertiK's Skynet Report reveals a 75% surge in "wrench attacks" in 2025, where physical violence, kidnapping, or intimidation is used to force cryptocurrency holders to surrender private keys or passwords. These attacks, which bypass technical defenses to target individuals directly, resulted in over $40.9 million in confirmed losses—a 44% year-on-year increase. Europe emerged as the highest-risk region, accounting for over 40% of incidents, with France recording the most cases. The report highlights a trend toward increased violence, with physical assaults rising by 250%, and notes that attacks are becoming more organized, often executed by transnational criminal groups using OSINT, signal jammers, and Faraday bags. Targets have broadened from high-value individuals like executives to ordinary holders and their families. CertiK warns that the actual scale of such attacks is likely underestimated due to low reporting rates. Recommendations include using decoy wallets, geographic separation of seed phrases, multisig mechanisms, and comprehensive security training for individuals and organizations. The study underscores that protecting people, not just assets, is critical as wrench attacks become a structured threat in the crypto ecosystem.

On February 2, CertiK, the world's largest Web3 security company, released the "Skynet Wrench Attack Report," pointing out that physical violence against cryptocurrency holders has evolved from extreme isolated cases into a structural risk. As the security protection of crypto assets continues to strengthen, this method of attack, which bypasses technical defenses and directly targets the "person," is spreading rapidly.

The report shows that in 2025, a total of 72 verified wrench attack incidents were recorded globally, an increase of 75% compared to 2024. So-called "wrench attacks" refer to attackers using physical means such as violence, intimidation, or kidnapping to force victims to hand over private keys or passwords. These attacks do not rely on technical vulnerabilities but directly target the individuals behind the crypto assets.

Significant Escalation in Violence, Europe Becomes High-Risk Region

In terms of attack patterns, wrench attacks in 2025 showed a clear trend of escalating violence. The report notes that kidnapping remains the primary attack method, with 25 incidents occurring throughout the year; direct physical assault incidents increased by 250% year-on-year, becoming one of the most noteworthy changes.

Geographically, Europe became the highest-risk region globally for the first time. In 2025, Europe accounted for over 40% of known global incidents, with France recording the highest number of attacks worldwide, surpassing the United States. CertiK noted in the report that this change does not mean that risks in North America have disappeared but reflects that such crimes are spreading to more regions with complex judicial environments and higher cross-border collaboration costs.

Losses Exceed $40 Million, True Scale Likely Severely Underestimated

In terms of financial impact, confirmed losses related to wrench attacks in 2025 exceeded $40.9 million, a 44% increase year-on-year. However, the report warns that this figure is only the "tip of the iceberg" due to factors such as victims' low willingness to report incidents, fear of retaliation, and some assets being involved in tax evasion or gray areas.

By comparing attack patterns, the report found that wrench attacks in 2025 have completely moved away from the early opportunistic and fragmented characteristics and entered a stage of professionalized and industrialized operation. Attackers mostly exist as transnational criminal groups, often preparing for weeks before an attack, using open-source intelligence (OSINT) to analyze the target's digital traces, identify weak defense periods, and even deploy professional equipment such as signal jammers and Faraday bags to cut off the victim's contact with the outside world.

Notably, the targets of attackers are broadening. Although industry executives and project founders remain high-value targets, attackers are now also targeting individuals with smaller holdings. Additionally, attackers are increasingly leveraging "associated targets," applying psychological pressure by threatening the victim's spouse, children, or parents.

How to Respond to Physical Threats? Security Recommendations for Individuals and Institutions

As technical security standards continue to improve, "cracking the system" is becoming increasingly difficult, while "coercing the individual" is cheaper and more efficient. This paradox makes personal safety the weakest and most overlooked link in the current crypto ecosystem.

The report proposes a series of security recommendations for individuals and institutions: At the individual level, it is recommended to reduce coercion losses through "decoy wallets," geographically isolate seed phrase storage, and remove encryption applications from daily devices to minimize risk; at the institutional level, it emphasizes the use of technical measures such as multi-signature mechanisms, time-lock contracts, and transaction friction mechanisms, while extending security training to family members and employees.

CertiK emphasized in the report's conclusion that the situation in 5 indicates that wrench attacks have become an independent type of crime within the crypto ecosystem, and the security model relying solely on seed phrases can no longer cope with the risks. How to upgrade from "protecting assets" to "protecting people" and reduce the feasibility of coercive behavior through institutional design may become a key proposition for the industry's future development.

Report link: https://indd.adobe.com/view/6399f4eb-e37c-485d-a225-a7a1fc68914f

相关问答

QWhat is the main finding of CertiK's 'Skynet Wrench Attack Report' regarding physical violence in the crypto space?

AThe report found that physical violence against cryptocurrency holders has evolved from isolated extreme cases into a structural risk, with a 75% increase in verified wrench attacks globally in 2025 compared to 2024.

QWhat is a 'wrench attack' as defined in the CertiK report?

AA 'wrench attack' is an attack where perpetrators use physical means such as violence, intimidation, or kidnapping to force victims to hand over their private keys or passwords, bypassing technical defenses to target the individual directly.

QWhich region became the highest-risk area for wrench attacks in 2025, and what was a key reason for this shift?

AEurope became the highest-risk area, accounting for over 40% of global known incidents, with France recording the highest number of attacks. This shift reflects that such crimes are spreading to regions with more complex judicial environments and higher cross-border collaboration costs.

QWhat was the total confirmed financial loss from wrench attacks in 2025, and why does the report suggest this figure is a significant underestimate?

AThe total confirmed financial loss was over $40.9 million, a 44% year-on-year increase. However, the report warns this is likely a severe underestimate' due to low victim reporting rates, fear of retaliation, and some assets being involved in tax evasion or gray areas.

QWhat are some of the key security recommendations provided in the report for individuals to protect against wrench attacks?

AKey recommendations for individuals include using 'decoy wallets' to minimize losses during coercion, geographically isolating the storage of seed phrases, and removing encryption applications from daily devices to reduce risk.

你可能也喜欢

交易

现货
合约

热门文章

如何购买S

欢迎来到HTX.com!我们已经让购买Sonic(S)变得简单而便捷。跟随我们的逐步指南,放心开始您的加密货币之旅。第一步:创建您的HTX账户使用您的电子邮件、手机号码注册一个免费账户在HTX上。体验无忧的注册过程并解锁所有平台功能。立即注册第二步:前往买币页面,选择您的支付方式信用卡/借记卡购买:使用您的Visa或Mastercard即时购买Sonic(S)。余额购买:使用您HTX账户余额中的资金进行无缝交易。第三方购买:探索诸如Google Pay或Apple Pay等流行支付方法以增加便利性。C2C购买:在HTX平台上直接与其他用户交易。HTX场外交易台(OTC)购买:为大量交易者提供个性化服务和竞争性汇率。第三步:存储您的Sonic(S)购买完您的Sonic(S)后,将其存储在您的HTX账户钱包中。您也可以通过区块链转账将其发送到其他地方或者用于交易其他加密货币。第四步:交易Sonic(S)在HTX的现货市场轻松交易Sonic(S)。访问您的账户,选择您的交易对,执行您的交易,并实时监控。HTX为初学者和经验丰富的交易者提供了友好的用户体验。

2.0k人学过发布于 2025.01.15更新于 2025.03.21

如何购买S

相关讨论

欢迎来到HTX社区。在这里,您可以了解最新的平台发展动态并获得专业的市场意见。以下是用户对S(S)币价的意见。

活动图片