Gavin Wilson, Director of Physical Security & Risk, Toro Solutions explains how improved crypto security is pushing criminals towards violent, real-world attacks – turning executives, employees and family members into high-value risks.
Cryptocurrency has transformed the financial landscape. It offers freedom, accessibility and the potential to generate significant wealth.
Yet this innovation has also created new risks – not only to systems, but to people.
As security systems improve, criminals have changed their focus. Instead of hacking platforms, they’re targeting the people who control the assets.
Executives, traders, content creators and even family members have become high-value targets. It’s often easier to pressure a person than to break through an encrypted system.
Strong passwords, multi-factor authentication and encrypted wallets all help, but they don’t matter if someone with access can be intimidated or manipulated. Attackers know this.
They study routines, track social media posts and monitor public appearances. They look for vulnerabilities in human behaviour.
For criminals, targeting an individual is faster, cheaper and more effective than trying to breach a secured exchange.
Over the past 18 months, reports show a sharp increase in kidnappings and physical attacks involving crypto holders.
At least 231 incidents have been documented worldwide, including abductions, home invasions and violent coercion. Six of those attacks were fatal. This surge demonstrates a clear shift in criminal tactics.
As platforms have grown more secure, attackers are now going after the people who control the assets.
Across the globe, attacks against crypto holders increasingly involve physical coercion, often in the form of wrench attacks, in which victims are threatened with immediate violence to force them to surrender access to their digital assets.
In Cambridge, Canada, a young man was abducted at gunpoint and forced to transfer cryptocurrency to an attacker.
In Paris, a CEO’s daughter and grandson were targeted in a failed abduction attempt.
In Manhattan, New York, a 28-year-old Italian crypto investor was lured to a luxury Soho townhouse and held captive for 17 days.
During this period, the victim endured electrical shocks, pistol-whipping and cuts from a saw.
The attackers used physical coercion to force him to reveal his Bitcoin password – however, the victim ultimately escaped and alerted authorities.
Each of these cases shares a common theme.
Criminals are targeting people rather than systems because it provides the most direct route to the assets.
This approach is now a significant risk factor for executives and staff alike.
Executives are obvious targets because of their public profiles, media exposure and company affiliations.
Staff with access to wallets or trading accounts are also at risk.
Attackers may attempt to bypass internal controls by manipulating employees or exploiting predictable behaviours.
Laptops and cold wallets are portable and vulnerable.
Even minor lapses, such as leaving a laptop logged in while stepping away, can provide attackers with immediate access.
Family members are another area of vulnerability. Spouses, parents and children may be targeted to apply emotional pressure.
Criminals know that people will often act to protect loved ones, making coercion far more effective than hacking a secure system.
Modern attacks combine digital reconnaissance with physical surveillance and coercion.
Criminals gather information from social media, public events and online information.
They then apply pressure where it will be most effective. Common tactics include:
Between 2022 and 2025, physical attacks on cryptocurrency holders resulted in over $166 million in losses, with kidnappings alone accounting for $128 million, according to TRM Labs.
The rising value of cryptocurrency makes these attacks increasingly lucrative and is continuing to encourage attackers to refine their methods and not push at all angles until they succeed.
Protecting cryptocurrency now requires more than technical safeguards.
Security must be layered. Digital controls, operational practices, physical protection and managing digital footprints must work together to reduce risk.
Your online presence is now one of your biggest vulnerabilities.
Criminals gather information from social media, public events, online forums and even seemingly harmless posts about hobbies, travel, events or routines.
This intelligence allows them to plan kidnappings, coercion, or wrench attacks with precision.
Family members are especially at risk.
A single public post showing a child’s school, a spouse’s workplace, or a vacation plan can be exploited.
Threats against loved ones dramatically increase the likelihood a crypto holder will comply, regardless of how secure the wallet is.
Digital footprint management should now be core component of layered crypto security, to protect both you and your family.
The rise in attacks targeting crypto holders is a wake-up call – securing your digital assets isn’t just about wallets and passwords anymore.
Criminals are going after the people behind the assets and anyone with access, from executives to family members, can be a target.
Staying safe means thinking beyond technology.
It means layering protections – strong digital security, careful operational habits, physical safeguards and managing what you share online.
Each layer reduces risk and makes it harder for attackers to find an easy way in. At the end of the day, the real risk isn’t the wallet it’s the person who controls it.
