Europe’s Crypto Wrench Attacks Surge to $101M Losses
Web3 security firm CertiK reports a sharp rise in crypto wrench attacks across Europe. Losses have reached about $101 million in the first four months of 2026, nearly doubling the $52.2 million seen for all of 2025. CertiK recorded 34 verified crypto wrench attacks since the start of the year, with Europe accounting for 82% of incidents—an “hyperconcentration” shift from prior years.
The attacks are typically carried out by criminal groups of 3–5 people, often recruited via messaging apps like Telegram or Snapchat. Teams may pose as delivery drivers or police officers, then use ruses to ambush victims. CertiK says the coercion model is becoming more data-driven: attackers increasingly use leaked personal and financial information—such as the January breach at crypto accounting firm Waltio and accusations involving tax official Ghalia C—to identify targets without needing extensive physical surveillance.
France is flagged as the epicentre. CertiK cites 24 crypto wrench attacks in France so far in 2026, while France’s National Prosecutor’s Office for Organized Crime reported 47 incidents. The report also notes wider indictments: in April, at least 88 people (including 10 minors) were indicted in France.
CertiK warns that if the pace continues, incidents could reach around 130 by year-end and losses could climb into the “several hundred million dollars” range. Separately, Casa security chief Jameson Lopp tracked 31 attacks this year and noted some mistaken-identity cases.
Bearish
This news is likely bearish in the short term because it highlights an escalation in violence-linked crypto wrench attacks—losses up to ~$101M and a fast-rising incident count in Europe. Even though these crimes are not a direct protocol-level market risk, they can worsen sentiment around holding self-custody or keeping large balances visible, encouraging risk-off behavior (e.g., moving to safer custody, reducing on-hand exposure, or demanding better security controls).
Historically, when security incidents—especially those tied to identifiable individuals—spike, markets often see short-term overreaction in related narratives (exchange/custody safety, surveillance/privacy debates). Longer term, the described shift toward data-driven targeting suggests more sustained enforcement and compliance pressure, potentially increasing costs for custodians and impacting regional regulatory discussions.
However, the impact may remain limited for broader liquidity because wrench attacks are geographically concentrated (82% in Europe) and do not inherently change chain fundamentals. Hence the overall read is negative but not catastrophic.