Wrench Attacks Push Crypto Security Costs Higher, Hitting Exchange Valuations

A “wrench attack” is a physical threat, kidnapping, or violent act meant to force someone to hand over access to crypto assets. Old crime. New target. The label sounds almost cartoonish, but the thing itself is not.

The increase in “wrench attacks” and physical threats against crypto executives and investors is pushing security bills higher across the industry. Why does this matter? Because companies like Coinbase and Gemini now have to budget for guards, armored cars, family protection, and risk advisers, not just engineers staring at wallet infrastructure. Crypto used to talk mostly about hacks and wallets. I’ll be honest: that framing now feels too narrow. The risk can show up at the front door, in the driveway, or in a fake delivery uniform.

Exchanges and senior crypto executives are spending much more on personal protection as kidnappings, home invasions, and forced transfers become harder to dismiss as rare edge cases. Bloomberg connected the jump in security spending at crypto firms to violent incidents involving executives, investors, and people at crypto events. The playbook is not sophisticated. Threaten the person. Get the private keys. Empty the wallet. This is not just online fraud anymore. It is personal safety, and it changes the cost base.

The threat is not limited to famous founders or exchange CEOs. Crypto.news reported that France had become a hotspot, with 41 crypto linked kidnappings recorded in 2026. That is roughly one every 2.5 days. My take: using one country’s numbers as a proxy for the whole industry would be sloppy. But that figure is still hard to shrug off. At least in some regions, this has moved past a few freak cases and into something operators have to plan around.

Coinbase’s latest proxy filing shows what this costs in practice. The exchange spent about $8.7 million in 2025 on security and related protection for CEO Brian Armstrong, up from about $6.2 million in 2024. Coinbase calls those costs “reasonable and necessary expenses” for the company and its stockholders. Bland wording. Loud signal. Physical security is now part of the operating model. It is another cost investors have to factor into Coinbase, and over time it could drag on margins and sentiment around COIN.

Gemini is moving in the same direction. Its latest filing describes a January 2026 services agreement with Winklevoss Capital Management for executive protection, secure transportation, and risk advisory services. Gemini pays a fixed monthly rate of $400,000, plus reimbursed expenses, for its CEO, president, their family members, and other named people. That is $4.8 million a year before extras. Is this a rounding error? Not if the line keeps growing. For investors, this belongs with other SG&A costs. It may not break the model by itself, but it still eats into earnings unless trading volumes, fees, or other revenue make up the difference.

The risk profile for crypto has changed. For years, security meant smart contract audits, cold storage, internal controls, and exchange infrastructure strong enough to survive hackers. Those still matter. Counter to the usual advice, though, the cleanest cold-storage setup can still leave one ugly weakness: a person leaving an office or answering the door at home. That changes how investors may look at crypto companies and large personal holdings. Spot Bitcoin ETFs have helped bring more institutional money into the market, but direct exposure to crypto businesses now carries a more physical kind of risk. I do not think that stops adoption. It makes the story messier.

Recent cases make the point. A French news outlet reported that a French crypto worker fought off an armed intruder who posed as a delivery driver during a home invasion. In another case, a trader reportedly offered a 10% bounty after a $24 million crypto robbery tied to the wider rise in wrench attacks. These are not software bugs. They are people being targeted because someone believes they can unlock a fortune under pressure. Yes, this cuts against the usual “self-custody solves everything” line. Bear with me: Bitcoin may be hard to seize digitally, but a large holder can still be found, followed, threatened, or coerced. For whales, that risk is real.

What this means

Rising security costs show that crypto firms now have to protect both their systems and their people. That sentence sounds obvious. It was not obvious enough five years ago.

For exchanges, this spending is probably here to stay. Most guides still frame crypto security as a hacker problem. That is only half right. Protecting wallets from hackers is not enough if the people with access to those wallets need guards, secure transport, and protection for their families. Public companies like Coinbase (COIN) will have to keep carrying those costs in operating expenses, and investors should stop treating them as one time emergency spending. They are becoming part of the normal cost of running a large crypto business.

The next question is how companies handle the bill. Higher security spending could mean thinner margins or higher user fees. It could also mean slower hiring, or less money for growth projects. Q1 2026 earnings reports from major exchanges should give a clearer read on whether “security and protection” costs are still rising. Regulators may also get involved if the attacks keep escalating. Would that help? Maybe, but it would probably bring new guidance or requirements for executive protection, adding another expense to an industry that already has plenty of costly problems.