Crypto World
France Plans Stronger Security Response After 77 Crypto Wrench Attacks
French Interior Minister Laurent Nuñez says authorities have recorded 77 incidents involving kidnapping, extortion, or attempted extortion linked to crypto in the first half of 2026—an increase from 45 cases recorded across all of 2025. Speaking to the Association for the Development of Digital Assets (ADAN), Nuñez pledged a “more ambitious” government response to tackle the so-called “crypto wrench” attacks, where criminals use physical violence to force victims into handing over cryptocurrencies.
France is among the countries most frequently targeted for these attacks, in part due to the scale of retail adoption. ADAN estimates that about 11% of the French population owns cryptocurrencies—roughly 7.3 million people—making the country a major pool for criminals seeking both visibility and leverage.
Key takeaways
- France recorded 77 crypto-linked kidnapping/extortion incidents in the first half of 2026, up from 45 across all of 2025, according to figures cited by BFM Business.
- Nuñez says France’s dedicated prevention platform and rapid-alert/protection system has attracted 724 sign-ups so far.
- Emergency measures have reportedly led to 200 arrests, including an attacker detained within eight hours after a victim used an emergency identification hotline.
- Nuñez outlined a three-part plan focused on better intelligence-sharing, deeper coordination with ADAN, and improved operational alignment between security services.
- CertiK reports wrench attacks rose 41% globally in the first four months of 2026 versus the same period in 2025, with Europe accounting for most activity.
A sharp rise in crypto-linked extortion and kidnapping
Nuñez’s remarks underscore how quickly crypto crime involving physical coercion appears to be scaling in France. The 77 incidents reported so far this year, as cited by BFM Business, represent a steep year-over-year acceleration: 45 incidents were logged over the entire previous calendar year of 2025.
Nuñez told ADAN that authorities regard these cases as serious and that public concern is justified. That framing matters for both policy and investor sentiment, because it signals that the state is moving beyond general warnings and into more structured prevention and enforcement.
France expands prevention and emergency response
Earlier in 2026, French authorities reportedly launched a prevention platform alongside a rapid-alert and protection system for crypto holders and professionals. Nuñez said the initiative has already reached 724 sign-ups, suggesting that at least some in the sector are willing to use formal reporting channels and risk-reduction tooling.
According to Nuñez, the emergency approach has also translated into enforcement outcomes. He said it has resulted in 200 arrests, and highlighted a recent case where an attacker was arrested within eight hours on Friday—helped, he said, by a victim using an emergency identification hotline.
For victims and service providers, the practical value of such a hotline is that time-to-response can determine whether coercion ends with a transfer or with the attack interrupted. For the industry, higher sign-up rates may also improve the quality of reporting data, helping law enforcement target networks rather than individual incidents.
Three-part plan: intelligence, coordination, and operations
Nuñez promised a “more ambitious” three-part plan designed to strengthen security across the crypto sector. The plan includes:
- Stronger intelligence-sharing, reflecting Nuñez’s view that criminal networks often operate from abroad.
- Deepened partnership with ADAN, aiming to align the government’s approach with the sector’s infrastructure and reporting mechanisms.
- Better operational coordination between security services, intended to streamline how cases are investigated and responded to.
While the government’s prevention measures are already in place, the emphasis on intelligence-sharing and cross-agency coordination indicates officials see wrench attacks as a transnational criminal problem—not simply isolated cases. That framing can influence how exchanges, custody providers, and other compliant market participants think about operational readiness and incident reporting.
Why France is a focal point for wrench attacks
Broader reporting from blockchain security firm CertiK adds context to Nuñez’s announcement. In a report released in May, CertiK said wrench attacks globally increased 41% in the first four months of 2026 compared with the same period in 2025, with most attacks occurring in Europe.
CertiK also described France as the “epicenter” of these attacks. In its assessment, factors include the presence of prominent industry companies and their executives, what it characterizes as a culture of public “flexing” and voluntary doxxing within parts of the crypto community, and “proven exposure” from multiple sensitive data leaks.
The human and industry consequences are not theoretical. French hardware wallet maker Ledger co-founder David Balland was kidnapped and held for ransom in January 2025, alongside his partner, before police rescued them. The incident followed a damaging earlier event: CertiK-linked coverage points to Ledger’s 2020 data breach, in which its customer database was hacked and more than 270,000 personal records were leaked—an episode that the firm says contributed to subsequent phishing and wrench attacks that continue to this day.
“France ranks among the most targeted countries in the world for this type of breach,” CertiK said, connecting the country’s risk to both criminal targeting and the downstream effects of data exposure.
What to watch next for holders and the sector
Nuñez’s plan suggests France intends to scale enforcement and prevention further, but readers should watch whether sign-ups to the rapid-alert system continue to grow and whether intelligence-sharing and operational coordination lead to sustained disruption of the networks behind these attacks. With CertiK’s data indicating Europe is driving much of the year’s rise, the next measure of success will likely be fewer incidents alongside faster intervention when threats emerge.
You must be logged in to post a comment Login