Wrench Attack

A wrench attack is a form of physical coercion in which attackers use threats, violence, intimidation, or kidnapping to force cryptocurrency holders to disclose private keys, seed phrases, or wallet passwords and transfer their digital assets. Named humorously after a xkcd comic depicting a figure with a wrench, this attack vector bypasses all technical security measures, from hardware wallets to multi-signature schemes, by targeting human vulnerabilities instead. Wrench attacks exploit the irreversible nature of blockchain transactions and the difficulty of recovering stolen cryptocurrency, making victims particularly vulnerable. The attack represents a critical risk for high-net-worth cryptocurrency holders and highlights the gap between digital security and physical safety. Example: In 2015, cryptocurrency entrepreneur Eli Ben-Sasson was threatened and coerced during a home invasion, during which attackers attempted to force him to transfer his digital assets, illustrating real-world incidents of this attack type. Why it matters for compliance: Wrench attacks reveal that cryptocurrency regulation and security frameworks must address physical threats to asset holders. Compliance officers and custodians must implement protocols addressing both digital and physical security, including employee safety training and operational security measures that protect individuals from coercion.

Category: compliance, wallets security

Explore the full Web3 Glossary — 2,062+ expert-curated definitions. Need guidance? Talk to our consultants.