CertiK Releases Skynet Report: "Wrench Attacks" to Surge 75% by 2025, Physical Violence Becomes a Major Threat in the Crypto Space

Web3 Security Company CertiK Report Indicates 72 Global Wrench Attacks in 2025, Up 75% Year-over-Year. Attackers Use Violence, Kidnapping, and Other Means to Force Victims to Hand Over Private Keys, Resulting in Losses Exceeding $40.9 Million, with Europe as a High-Risk Area. This article is based on a piece by CertiK, compiled, edited, and written by Foresight News.
(Previous context: Ethereum transaction volume hits record high but triggers security alerts! Hacker “Dust Attacks” boost transaction data, hiding underlying risks behind prosperity)
(Additional background: On-chain detective ZachXBT: A wallet was stolen through “social engineering attack” of $282 million in BTC and LTC)

Table of Contents

• Significant escalation in violence, Europe becomes a high-risk area
• Losses over $40 million, actual scale may be severely underestimated
• How to respond to physical threats? Safety tips for individuals and organizations

On February 2nd, Web3 security firm CertiK released the “Skynet Wrench Attack Report,” indicating that physical violence targeting cryptocurrency holders has evolved from extreme cases into a structural risk. As security measures for crypto assets continue to strengthen, this bypassing of technical defenses and direct attacks on “people” are spreading rapidly.

The report shows that in 2025, there were 72 verified wrench attack incidents worldwide, a 75% increase from 2024. The term “wrench attack” refers to attackers using violence, intimidation, kidnapping, and other physical means to force victims to surrender private keys or passwords. These attacks do not rely on technical vulnerabilities but directly target individuals behind the assets.

Significant escalation in violence, Europe becomes a high-risk area

In terms of attack methods, 2025’s wrench attacks show a clear trend of increased violence. The report states that kidnapping remains the primary attack method, with 25 incidents throughout the year; direct physical assaults increased by 250% year-over-year, becoming one of the most alarming changes.

Geographically, Europe has for the first time become the highest-risk region globally. In 2025, Europe accounted for over 40% of known incidents worldwide, with France recording the highest number of attacks, surpassing the United States. CertiK notes in the report that this shift does not mean North American risks have disappeared but reflects that such crimes are spreading to regions with more complex legal environments and higher cross-border cooperation costs.

Losses exceed $40 million, the true scale may be severely underestimated

Financially, confirmed losses related to wrench attacks in 2025 exceeded $40.9 million, a 44% increase year-over-year. However, the report warns that due to low reporting willingness, fears of retaliation, and some assets involved in tax evasion or gray areas, this figure is only the “tip of the iceberg.”

By comparing attack patterns, the report finds that 2025’s wrench attacks have thoroughly moved away from early speculative and scattered characteristics into a phase of professionalism and industrialization. Attackers often operate as transnational criminal groups, usually preparing for several weeks, analyzing digital footprints with open-source intelligence (OSINT), targeting weak defense periods, and even deploying signal jammers, Faraday bags, and other professional equipment to cut off victims’ external communications.

Notably, attacker targets are becoming more generalized. While industry executives and project founders remain high-value targets, attackers are now also targeting individuals with smaller holdings. Moreover, attackers increasingly use “related targets,” threatening victims’ spouses, children, or parents to exert psychological pressure.

How to respond to physical threats? Safety tips for individuals and organizations

As technical security standards improve, “system hacking” becomes more difficult, while “threatening individuals” costs less and is more efficient. This paradox makes personal safety the most vulnerable and easily overlooked aspect of the current crypto ecosystem.

The report offers a series of safety recommendations for individuals and organizations: on a personal level, suggestions include using “decoy wallets” to reduce threat losses, geographically isolating seed phrase storage, and removing encryption apps from daily devices to lower risks; on an organizational level, it emphasizes adopting multi-signature mechanisms, time-locked contracts, transaction friction mechanisms, and expanding security training to family members and employees.

CertiK concludes in the report that the trends of 2025 indicate that wrench attacks have become an independent category of crime within the crypto ecosystem, and relying solely on seed phrase security is no longer sufficient to mitigate risks. Upgrading from “asset protection” to “person protection” through systemic design to reduce coercion may become a key focus for future industry development.