Losses from global crypto wrench attacks reached $101 million in the first four months of 2026, nearly double the $52.2 million recorded in all of 2025. Just 34 documented attacks have occurred, but Europe accounts for 82% of incidents, according to Web3 security firm CertiK.
"Our 2025 report documented a gradual tilt from Asia and North America toward Europe, and these first four months of 2026 mark a European hyper-concentration," CertiK said.
If the trend continues, CertiK predicts by year-end incidents could hit 130, with losses reaching several hundred million dollars.
France is the epicenter, with 24 of the wrench attacks occurring there this year. France’s National Prosecutor's Office for Organized Crime reports a higher figure of 47 incidents in 2026. CertiK points to the presence of crypto executives from Ledger, Paymium, and Binance, along with data leaks and a culture of "flexing and voluntary doxxing" in the community.
"Early 2026 marks the shift to a data-driven targeting model in which prior physical surveillance becomes unnecessary once attackers have the victim's full name, home address, financial profile, and so on," CertiK added.
Criminal teams are often "complete amateurs," recruited via Telegram or Snapchat for a few thousand dollars, typically posing as delivery drivers or police officers. Casa chief security officer Jameson Lopp has recorded 31 crypto wrench attacks this year, noting four cases of mistaken identity. In April, 88 people, including 10 minors, were indicted in France for alleged wrench attacks.