Key takeaways
– Crypto security is no longer only about digital defenses: criminals increasingly use physical coercion to force transfers rather than attacking blockchain code.
– In France, attackers staged a fake police raid and used violence to compel a couple to send nearly $1 million in Bitcoin, bypassing encryption by forcing the victim to authorize the transaction.
– “Wrench attacks”—threats or physical force to make owners approve transfers—are rising, showing human vulnerability can defeat strong cryptographic protections.
– Impersonating police exploits authority, urgency and fear, making victims more likely to comply without verification.
Digital security is only one front in protecting cryptocurrency. While phishing and exchange hacks remain threats, an increasing number of thefts bypass technical defenses by targeting owners directly. A recent case near Paris shows this shift: individuals disguised as police conducted a simulated raid, assaulted a couple and forced a Bitcoin transfer worth nearly $1 million. This was not a software breach but a high-stakes robbery executed through coercion.
When the victim, not the wallet, becomes the target
The incident took place in Le Chesnay-Rocquencourt, where a couple in their late 50s was assaulted in their home. Chronology:
– Three people disguised as police gained entry.
– The couple was threatened at knifepoint.
– The husband was forced to send Bitcoin to the attackers.
– Both victims were injured; the husband was tied up.
– The assailants fled in a vehicle.
French authorities are investigating, with potential charges including armed robbery and organized criminal conspiracy. Crucially, the attackers did not try to break encryption: they coerced the owner to approve the transfer personally.
Why impersonating police officers is so effective
Pretending to be law enforcement taps powerful psychological levers:
– Authority: people are conditioned to obey police.
– Urgency: an apparent raid creates pressure for immediate compliance.
– Fear: resisting may seem to entail criminal consequences.
Under stress, victims often stop verifying the legitimacy of demands. In crypto, a single coerced approval can transfer vast sums in seconds, making this tactic particularly damaging.
From simulated raid to coerced transfer
Unlike ordinary robberies of cash or valuables, this attack targeted digital assets. Attackers aimed to force an immediate crypto transfer, which is especially hard to reverse or recover because:
– Stolen funds can be moved worldwide within minutes.
– Blockchain transactions are generally irreversible.
– Rapid onward transfers make tracing and recovery difficult.
If an owner retains access, attackers need only force a transaction authorization, not steal hardware or crack security.
Understanding wrench attacks
A “wrench attack”—threatening or hurting someone to obtain keys or force transactions—is often easier than breaking encryption. Perpetrators may use threats, violence, or other coercion to get private keys or sign transactions. No matter how strong encryption is, human coercion can render it irrelevant. Some wealthy holders use decoy wallets with small balances to show under duress, protecting main holdings.
Why these attacks are increasing
Several trends make wrench attacks more common:
– Growth in self-custody: more users hold private keys directly, making them accessible targets.
– Visibility of high-value targets: public profiles can expose investors’ wealth and identity.
– Advances in cybersecurity: as remote hacks get harder, criminals turn to physical coercion.
– Instant global liquidity: crypto enables rapid, unrestricted transfers worldwide.
Reported wrench attacks rose sharply in 2025, with documented cases up 75% from 2024. Europe—and France in particular—emerged as a hotspot, with losses reaching $40.9 million and physical assaults surging.
Why France has seen a surge
France recorded multiple high-profile crimes tied to crypto, including kidnappings for ransoms, targeted home invasions, and coordinated operations by organized groups. Criminals increasingly identify crypto holders, surveil their routines and prefer direct physical targeting over digital-only methods. As crypto adoption grows, so does public awareness of who owns assets—and the physical risks that visibility brings.
Why coercion is chosen over hacking
Hardware wallets, multisig setups and cold storage make remote hacks difficult. Coercion changes the threat model: victims can be forced to unlock devices, reveal credentials or authorize transfers, bypassing cryptographic defenses. For attackers, coercion is often faster and more reliable than technical exploitation.
Why Bitcoin is particularly exposed under duress
Bitcoin’s strengths—instant transfers, irreversibility and permissionless global access—become liabilities when holders are forced to move funds. Under duress, assets can be moved immediately with little chance of recovery, and attackers can quickly scatter funds across many addresses. Some private security firms now offer services tailored to crypto investors, including travel risk assessments and home security audits.
How French authorities are responding
French law enforcement, including organized crime units, is investigating. Possible charges include armed robbery by an organized group, unlawful detention and criminal conspiracy. Authorities face challenges: rapid cross-border movement of assets, the pseudonymous and irreversible nature of transactions, and professional criminal networks.
Key security takeaways for cryptocurrency owners
The incident highlights a shift in threat dynamics: protecting systems alone is insufficient. Owners must pair technical safeguards with personal security measures. Recommended steps:
– Never publicly disclose the size of your crypto holdings.
– Keep your real-world identity separate from wallet addresses.
– Use multisignature wallets so no single person can authorize transfers.
– Distribute signing authority and key control across geographic locations or trusted parties.
Cointelegraph maintains full editorial independence. Guides are produced without influence from advertisers, partners or commercial relationships. Content published in Guides does not constitute financial, legal or investment advice. Readers should conduct their own research and consult qualified professionals where appropriate.