Crypto “wrench attacks” cause $100M+ losses; Binance adds withdrawal lockdown

Published: 2026-05-11 11:27:52 |

Crypto security firm CertiK says physical extortion tied to “wrench attacks” has cost investors more than $100 million since January 2026. The attacks target people who control wallets—kidnapping, assault, threats, and coercion are used to force victims to transfer funds, unlock accounts, or surrender private keys. CertiK reports verified global incidents rose 41% to 34 in the first four months of 2026, with a projection of ~130 incidents for the year and losses potentially reaching the “several hundred million” range. Europe is the main hotspot: France accounts for 82% of verified cases in that period. French authorities also cited 41 incidents involving physical coercion tied to digital assets since January (about one attack every 2.5 days). The article links concentration to visibility of crypto networks (executives, teams, and events) and possible data leakage, including a cited case involving a French tax official allegedly selling information about crypto holders. “Wrench attacks” are effective because criminals can bypass technical security by forcing approvals in real time. The piece highlights evolving tactics, including proxy targeting of relatives/associates and cross-chain laundering, citing incidents involving BTC ransom, forced transfers, and conversion into privacy assets. In response to coercion risk, Binance introduced a withdrawal lockdown feature letting users set a 1–7 day delay on on-chain withdrawals. The exchange frames it as deterrence through friction and a window for victims to alert law enforcement, though the feature may be bypassed if attackers can hold victims long enough. The report argues that wallet safety now includes personal security, leaked identity data, and incident response—not only seed-phrase protection.

Bearish

The report highlights an escalation in real-world coercion against crypto holders, with CertiK tying “wrench attacks” to $100M+ losses and projecting a higher annual incident count. For traders, this increases perceived custody and off-chain safety risk (even when on-chain security remains intact). It can pressure sentiment toward centralized custody and user-experience features, while raising the demand for controls like withdrawal delays. Short term, any credible surge in violent theft narratives tends to make risk management more conservative: exchanges may see higher interest in protective account settings, and traders may reduce exposure to high-risk custody arrangements. It can also trigger brief volatility in BTC/ETH options and custody-adjacent products if headlines drive fear. Long term, the addition of tools such as Binance’s 1–7 day withdrawal lockdown suggests the industry will adapt, but it also signals that security is broadening from “cyber-only” threats to identity-and-coercion threats. Similar past waves of security fear (e.g., major exchange exploits or large-scale phishing campaigns) often lead to temporary drawdowns or rotation to assets/venues perceived as safer, followed by normalization once mitigations and best practices spread. Overall, the headline risk skews bearish because the threat is hard to eliminate purely with cryptography and can reframe wallet control as a personal-risk problem, not just a technical one.