2025 has seen the personal risks to Bitcoin investors reach an all-time high, according to Alena Vranova, founder of hardware wallet maker SatoshiLabs. Speaking at the Baltic Honeybadger 2025 conference in Riga, Latvia, Vranova said:
“Every week, there is a Bitcoiner, at least one in the world, who gets kidnapped, tortured, extorted, and sometimes even worse.”
These attacks, often referred to as the “5-dollar wrench attacks”, are physical assaults, kidnappings and threats of violence to force victims to hand over their private keys – the digital passwords that control access to their bitcoin holdings.
Many assume these attacks only target wealthy early adopters or industry executives. Vranova said that’s not the case. “We have seen cases of kidnappings for as little as $6,000 worth of crypto, and we have seen people murdered for $50,000 in crypto,” she said.
Her message was clear: even small investors can be on the radar of violent criminals.
As bitcoin’s price goes up and media coverage increases, so does the risk. “The more popularity Bitcoin gets, the more exposure these kidnappings get in the media, the more criminals get inspired,” Vranova warned.
One of the main reasons for the rise in physical attacks is the massive amount of personal data that is now online due to breaches at centralized exchanges and service providers.
Many platforms are required by law to follow “Know Your Customer” (KYC) regulations, which means collecting sensitive information like names, addresses, and ID numbers.
Related: KYC Is The Illicit Activity
“We currently have more than 18 million Bitcoiner and crypto user identities leaked online; 2.2 million out of those contain home addresses,” Vranova said.
She emphasized that this leaked information makes it easier for criminals to find and target victims.
These breaches are not limited to the Bitcoin industry.
In May 2025, Coinbase confirmed a hack that exposed some customer names and addresses. The following month, Cybernews reported a breach of databases containing over 16 billion stolen login credentials from tech giants like Apple, Facebook, and Google.
Once in the wrong hands, this data can be combined with blockchain analysis tools to find people with significant bitcoin holdings, which then leads to phishing attacks, SIM-swapping or violent extortion.
The 5-dollar wrench attacks are not limited to one region.
Vranova mentioned a surge in organized kidnappings in France, but warned: “The attackers are either just ad hoc petty criminals who see you transacting with your Bitcoin wallet in the pub and they drag you in the taxi,” as well as professional gangs that treat kidnapping “as a service.”
Industry experts say 2025 could be the most dangerous year yet for Bitcoiners, with incidents set to double the worst year on record.
Vranova is not just raising the alarm — she is working on solutions. She has created counter-kidnapping training for bitcoin investors. The training covers op-sec, physical safety, and how to survive captivity.
She has also made a physical security checklist for bitcoin holders, telling people to review how easily they can be found and to take steps to protect their privacy.
She said, “Bitcoiners love to overestimate the importance of technology and underestimate the human factor.”
As part of her work, Vranova is developing a privacy-focused mobile app called Glok. The idea is simple: if you feel threatened, you can press a button and send an encrypted alert with your location to trusted contacts.
The system uses the decentralized Nostr protocol to avoid centralized servers, so no data leaks.
“I don’t want my developers to know anything about our users. I don’t want to be a honeypot,” she said, stressing that all sensitive data stays encrypted on the user’s device until an alert is triggered.
Glok is in development and beta testing will begin soon. Vranova hopes it will not only help Bitcoiners but also be a “neighborhood watch” tool for broader communities.
Until Glok is available, Vranova and other security experts recommend:
- Keep a low profile about your bitcoin holdings.
- Use non-custodial wallets and spread funds across different secure locations.
- Don’t talk about your investment size or strategy in public.
- Strengthen online security with unique passwords, multi-factor authentication and regular data breach checks.
- Be aware of unusual contact attempts or suspicious behavior.
