CustodyStress
Archive › Physical coercion
Part of the CustodyStress archive of observed Bitcoin custody incidents
CS-01399

The analysis noted that attacks were no longer the exclusive domain of

Constrained
Case description
A comprehensive year-end analysis by TRM Labs described 2025 as 'a record year for wrench attacks' with approximately 60 documented physical assaults on cryptocurrency holders, noting that the true count was 'likely significantly higher' due to under-reporting. The analysis noted that attacks were no longer the exclusive domain of ultra-high-net-worth targets: victims in 2025 included teachers, construction workers, and individuals with modest holdings—targeted because their cryptocurrency ownership was discoverable through social media posts, public blockchain analytics, or compromised exchange KYC databases. The expansion of the target pool from wealthy executives to ordinary holders was identified as the defining characteristic of the 2025 threat landscape.
Custody context
Stress conditionPhysical coercion
Custody systemHardware wallet (single key)
OutcomeConstrained
DocumentationUnknown
Year observed2025
CountryInternational
Structural dependencies observed
Biometric or physical presence
What this illustrates
Access required in-person verification that couldn't be arranged under the circumstances. Whether full access was ultimately possible is unclear, but significant delay or outside intervention was involved.
Outcome interpretation
Access remained possible, but only with delay, dependence, or significant difficulty.
Source
Publicly Reported
Evidence type
News article
Evidence link
https://www.theblock.co/post/384018/record-year-wrench-attacks-how-crypto-holders-maintain-physical-security-rising-risks
Related cases involving physical coercion
A Turkish national who had travelled to Hong Kong to conduct a cryptocurrency OTC trade
Hardware wallet (single key) · 2025 Blocked
Europe accounted for over 40% of global incidents, with France alone recording 19
Hardware wallet (single key) · 2025 Constrained
The case was cited by CertiK's 2025 Wrench Attack Report as one of the year's most
Hardware wallet (single key) · 2025 Blocked
105 cases involve physical coercion 274 cases involve hardware wallet (single key) View archive statistics →
This archive documents observed custody survivability failures. It does not attempt to document all Bitcoin losses or security incidents. Submit a case
← All cases
Framework references
Where Bitcoin Custody Intersects Legal and Fiduciary Authority
Where custody creates gaps in estate planning, fiduciary duty, and professional responsibility.
Professional Scope Boundary Matrix
What each professional or product covers, what they do not, and where gaps form between them.
The Independent Assessment Layer in Bitcoin Custody
How independent diagnostic layers emerge when multiple parties depend on shared infrastructure.
Terms guide
Outcome terms
Survives
Access remained possible under the reported conditions.
Constrained
Access remained possible, but only with delay, dependence, or significant difficulty.
Blocked
Access was not possible under the reported conditions.
Indeterminate
There was not enough information to determine the outcome.
Structural terms
Single-person knowledge
Recovery depended on information or capability held by one individual who was unavailable.
Institutional dependence
Recovery depended on a third-party institution or service that was inaccessible or uncooperative.
Documentation gap
Recovery depended on instructions that were missing, incomplete, or unclear.
Authority mismatch
The person with legal authority to act did not have operational access, or vice versa.