In the soft, almost meditative stillness of a typical San Francisco morning, the day began no differently from countless others — quiet streets humming faintly with city life, a few delivery trucks tracing their habitual paths through Mission Dolores. Yet within moments, that calm routine mutated into something chillingly irreversible. What appeared to be nothing more than a harmless interaction at the doorway — a delivery driver requesting a simple signature to confirm a package — would unravel into a harrowing ordeal. The supposed courier, masked in the guise of everyday normality, concealed far darker intentions. Once the door opened, the deception gave way to coercion, binding tape, and a drawn firearm. In mere heartbeats, a resident known only as Joshua became a captive within his own home, forced at gunpoint to surrender access to digital riches valued at a staggering eleven million dollars in cryptocurrency. The assailant vanished as swiftly as he arrived, leaving behind only the residue of fear and a bruised survivor reported, with understatement, to have sustained denoted but unspecified injuries, according to the *San Francisco Chronicle.*

While remote cyber exploits and digital wallet breaches are familiar features in the constantly evolving landscape of online crime, this episode represented something far more visceral: a face-to-face incursion where the battleground for digital assets shifted into the physical domain. Technology entrepreneur Garry Tan of Y Combinator, describing Joshua as a personal friend, took to X (formerly Twitter) to decry what had happened. For a brief period, he shared the security video capturing the moment the thief approached the residence under the guise of an innocent deliveryman — footage that encapsulated the eerie banality of the deception. That post has since vanished from Tan’s profile, as perhaps have the words that first stirred alarm through the crypto community.

Still, Joshua’s ordeal was far from unique. Similar narratives have surfaced with unsettling frequency across continents, signaling an evolution in criminal creativity. Jameson Lopp, co-founder and Chief Security Officer of Casa, has painstakingly documented this trend for years. His personal archive of news clippings, incident reports, and verified testimonies paints a grim picture — one of escalating violence directed against crypto holders, often targeted precisely because their “self-custody” ethos leaves them seemingly independent yet vulnerable. His longitudinal analysis reflects a dramatic increase in kidnappings, assaults, and forced transfers of cryptocurrency — crimes whose occurrence often appears to correlate with market valuations.

At this year’s Bitcoin 2025 conference, Lopp summarized the findings with a disquieting candor: the present trajectory suggests that the number of physical attacks on crypto holders is poised to set new records. These incidents, he noted, rise and fall in rhythm with the surges of Bitcoin’s price chart, reflecting both opportunity and temptation in equal measure. Beyond his research, a University of Cambridge investigation hinted that the true scope may be even broader — that for every event reported publicly, others likely remain hidden within private circles, unspoken due to embarrassment, unresolved trauma, or fear of exposure.

The reason behind such brazen criminal focus on digital wealth lies in its peculiar advantage to thieves. Unlike conventional fiat money stored in bank vaults or accounts subject to institutional oversight, cryptocurrencies like Bitcoin can be transferred in an instant, irreversible and pseudonymous. Once a victim is coerced into sending their tokens, recovery is virtually impossible. Only those digital assets controlled by centralized authorities, such as certain stablecoins tied to the dollar, can theoretically be frozen or blacklisted.

Similar violent episodes have recently unsettled communities across the globe. Just weeks ago in Bangkok, a Chinese national exiting toward a taxi on Mahaseth Road was abruptly forced into a waiting sedan by three assailants. Over the course of a brutal detour, the attackers combined physical aggression with the psychological torment of ransom, extracting both 50,000 baht in cash and 9,375 USDT — a stablecoin denominated to mirror the U.S. dollar and commonly referred to as Tether. Law enforcement later apprehended the culprits across various airports and high-rise apartments, charging them with robbery, confinement, and assault. Yet for the victim, the damage — physical and psychological — had long since been done.

On another continent, in British Columbia, an entire family endured what was described as a thirteen-hour living nightmare. Here too, the torment began with a familiar ruse: an apparently benign knock from postal workers bearing supposed parcels. Within minutes, impersonation escalated into violence — bindings, beatings, and the coerced surrender of digital assets valued near two million dollars. Though one of the perpetrators has since been arrested, others remain unaccounted for, underscoring the transnational web of such sophisticated crimes.

Similarly unsettling was an episode in Oxfordshire, England, along a quiet patch between Kidlington and Yarnton. There, five travelers found themselves suddenly encircled by masked attackers who, over the course of roughly half an hour, stripped them of valuables — among them a £448,000 Rolex and mobile phones — and compelled one captive to transmit £1.1 million worth of cryptocurrency to anonymous wallet addresses. Each of these incidents, though geographically distinct, follows a hauntingly similar pattern: leverage fear, extract keys, disappear into the digital ether.

To counter such existential risks, Lopp and his company Casa have dedicated extensive effort toward architectural resilience for crypto storage. Their approach centers upon multisignature vaults and inheritance protocols, intentionally fragmenting the control of private keys across trusted counterparts. This decentralization mitigates the single-vulnerability scenario — the so-called “$5 wrench attack,” a darkly humorous phrase representing the crude but effective force of physical coercion. Yet, Lopp cautions, what we witness today may only be the crude inception of a more organized, professionalized threat landscape still to come.

Carved in the shadow of these stark lessons is a quieter yet significant migration within the crypto ecosystem. Increasingly, investors are reconsidering the ideal of radical self-custody, questioning whether the philosophical purity of managing one’s own keys is worth the accompanying physical danger. Instead, many opt to entrust their holdings to established platforms such as Coinbase or institutional giants like BlackRock’s iShares Bitcoin Trust. In this arrangement, security responsibility shifts to third-party custodians, sparing individuals the fear of late-night knocks but simultaneously demanding a surrender of autonomy. It is a practical exchange of freedom for peace of mind — one that runs directly counter to Bitcoin’s original rebellion against centralized authority.

Thus, the movement finds itself at a difficult crossroads. As wrench attacks metastasize globally, crypto holders are compelled to reflect deeply on how security, in this domain, extends beyond encryption and passphrases. True safety may soon require diversification not only of digital protocols but of physical custody as well. The paradox is inescapable: in constructing a system meant to eliminate dependence on intermediaries, its disciples must now safeguard against becoming their own weakest link.

Sourse: https://gizmodo.com/11-million-crypto-theft-in-broad-daylight-is-latest-in-increasingly-common-5-wrench-attacks-2000691574