On Dec. 1 in Val‐d’Oise, France, the father of a Dubai‐based crypto entrepreneur was kidnapped off the street; another entry in Jameson Lopp’s directory of 225‐plus verified physical attacks on digital asset holders.
The database Lopp, the chief security officer at Bitcoin wallet Casa, has maintained for six years, shows the pace of coercion rising fast, with a 169% jump in reported physical attacks in 2025.
The risk itself isn’t unique to crypto: gold brokers, luxury resellers, even cash couriers have faced the same basic weapon for centuries (violence). What’s new is that digital assets are now being stolen face‐to‐face.
The shift is fueling a new arms race in wallet design. “Panic wallets” with duress triggers that can instantly wipe balances, send false decoys, or call for help with a subtle biometric gesture.
The idea sounds elegant until you add a wrench. As Lopp told Cointelegraph, “Ultimately, use of duress wallets relies upon speculation about the attacker, and you can’t possibly know their motivations and knowledge.”
The data behind the fear
Lopp’s findings suggest wrench attacks follow market cycles. They rise during bull runs and periods of intense over‐the‐counter (OTC) trading, when large deals move off exchanges. The US leads in absolute cases, although the per-capita risk is higher in the United Arab Emirates and Iceland.
About a quarter of incidents are home invasions, often aided by leaked Know Your Customer (KYC) data (as Lopp laments, “Kill Your Customer”), or public‐records doxing. Another 23% are kidnappings. Two‐thirds of attacks succeed, and roughly 60% of known perpetrators are caught.
The trend line correlates roughly with Bitcoin’s (BTC) price chart. Each retail mania pulls new money and new targets into public view, and criminals chase return on investment like everyone else.
Related: Crypto user attacked in France over Ledger hardware wallet — Report
Testing the panic gesture
If digital self‐defense is evolving, it’s doing so without evidence. “There’s not much we can definitively state about the effectiveness of duress wallets/triggers, because we have so little data,” Lopp points out.
Related: Bitcoin ’wrench attacks’ on track to double its worst year
He’s aware of one victim who tried a decoy wallet and failed to convince the assailant, and another who complied immediately but was still tortured for hours because the thief assumed hidden reserves.
The builders fighting back
Matthew Jones, co-founder of Haven, learned the hard way. While attempting a 25 BTC trade in Amsterdam, his counterpart fled with a waiting van. His photos helped Europol trace the gang across Europe; none were ever caught.
He’s since turned that experience into a product: a biometric, multi‐party custody system built on “continuous authentication without identity exposure.”
Haven’s biometric wallet locks transfers behind a live facial scan stored only on the user’s device. Large transactions, above $1,000, require real‐time confirmation from a secondary verifier, such as a spouse or partner.
Changing that contact imposes a 24‐hour wait, making on‐the‐spot coercion nearly useless. Jones says, “It’s about having the cash in your wallet stolen, rather than your bank accounts emptied. So it’s about deciding what your risk tolerance is and deciding on an amount.”
Related: Are seed-phrase-free crypto wallets the key to mass self-custody? Expert weighs in
The custody dilemma
As physical coercion rises and privacy rules such as the Organization for Economic Cooperation and Development’s Crypto-Asset Reporting Framework tighten, even veteran Bitcoiners are reevaluating self‐custody. Some now prefer custodianship to personal risk.
Lopp calls that outcome catastrophic: “If enough people decide that Bitcoin self-custody is too dangerous to undertake, this will create massive centralization and systemic risk to the entire system. It’s a battle I’ve been fighting against for a decade.”
It exposes the paradox at the heart of crypto security in 2025: every safeguard, from stricter KYC databases to offchain biometrics, narrows anonymity while widening the attack surface. The frontier problem isn’t smart‐contract exploits anymore; it’s data exposure and fear.
Related: The case for a ‘non-mandatory KYC’ model — Interview with Toobit
What actually works
For all the innovation, the simplest protection remains social discretion. Lopp advises, “The most effective thing that a Bitcoiner can do to reduce their wrench attack risk is very difficult: don’t talk about Bitcoin, at least not while using your real name or face.”
As hardware wallets learn panic modes and regulators demand more visible ownership, the only defenses that scale may be cultural. Most wrench attacks succeed because the victim can be found, not because their wallet can be broken.
Magazine: 2026 is the year of pragmatic privacy in crypto — Canton, Zcash and more
