Crypto ‘Wrench Attacks’ Rising in Violence, But Risk Per User Stable

Referencing a long-running database maintained by Bitcoin developer Jameson Lopp, Haseeb Qureshi’s analysis confirms a clear trend: the number of recorded physical attacks on crypto users has increased over time. More alarmingly, the average severity of these assaults has also risen. Each incident in the database is categorized across five levels of severity, from minor to fatal, painting a picture of escalating violence. This trend is not uniform globally. Qureshi’s geographical breakdown indicates Western Europe and the Asia-Pacific region have experienced the most significant increases in violence. While North America remains the safest region overall in relative terms, it has still seen a rise in the absolute number of wrench attack incidents.

The year 2025 has already witnessed several high-profile cases underscoring this violent trend. In a shocking January incident in France, Ledger co-founder David Balland was kidnapped from his home, held for ransom for approximately 24 hours, and subjected to brutal pressure tactics, including having a finger severed. In another case, US resident Jacob Irwin-Cline was targeted in London. After being lured into a vehicle, he was drugged with a substance believed to be scopolamine, which led to him unknowingly granting attackers access to his crypto accounts. He subsequently lost about $72,000 in XRP and $50,000 in BTC.

In seeking to explain the rise in attacks, Qureshi first examined the most obvious correlation: cryptocurrency market capitalization. A simple regression analysis found that about 45% of the variation in reported violence could be explained by price movements alone, yielding an R-squared value of 0.45. This supports the intuitive notion that higher crypto prices attract more criminal attention, as the potential payoff from a successful attack increases. Qureshi noted that other tested signals were not as predictive as raw market cap.

However, Qureshi stressed that a rising tide of crime does not automatically mean crypto is becoming more dangerous for each individual holder. He proposed a critical alternative: as prices rise, more people enter the ecosystem, which could lead to more total crimes even if the probability of any single user being attacked remains constant. To test this ‘per-user’ risk, he used Coinbase’s monthly active users (MAUs) as a proxy for the size of the active crypto-holding population. The growth is staggering: from about 2 million MAUs in 2015 to roughly 120 million in 2025, a 60-fold increase. Crucially, violence did not rise at a proportional rate.

This normalization reveals a different story. According to Qureshi, crypto appears to have been more dangerous on a per-person basis in earlier years, such as 2015 and 2018, when the user base was much smaller. While there has been a recent uptick in violent events per user, it is moderate and roughly in line with levels seen during the 2021 bull market. This current risk remains significantly lower than the period before 2019. Furthermore, when violence is normalized by total market cap—a rough measure of violence per dollar of crypto wealth—the metric has barely changed over recent years.

The analysis presents a nuanced security landscape for cryptocurrency. The headline figures of rising attack counts and severity are real and concerning, particularly for users in regions like Western Europe. High-value individuals, such as Ledger’s David Balland, remain prominent targets. Yet, the data also suggests that the massive expansion of the user base, exemplified by platforms like Coinbase, has diluted the individual risk compared to the niche, early days of crypto.

For the broader financial community and potential adopters, the key takeaway is the persistent link between market cycles and criminal activity. Approximately 45% of violence variation tied to market cap serves as a stark reminder that bull markets bring not only capital appreciation but also heightened security threats. However, the stability of risk metrics like violence per user and per dollar of wealth indicates that, for the average holder, the ecosystem is not becoming inherently more perilous as it matures and grows. This complex reality underscores the ongoing need for robust personal security practices alongside the technological safeguards protecting digital assets like Bitcoin and XRP.