In May 2025, in the heart of New York, an event occurred that resembled more a horror movie than a business dispute. 37-year-old crypto investor John Welz is accused of kidnapping and torturing his own partner in order to get the password to his Bitcoin wallet. Together with an accomplice, 33-year-old William Duplessis, they held the victim hostage for three weeks in an apartment in the SoHo district, beating him, threatening the man’s family and demanding access to his crypto assets.
This type of crime got its name from the English expression “ wrench attack ” — when digital protection is powerless against physical force. Experts from TRM Labs say that such attacks are gaining momentum around the world, as even the most powerful digital protection is worthless in the face of physical violence.
“Wrench attack” is a new type of threat that has emerged as a result of the growth of cryptocurrency wealth. Many investors or traders store large amounts of money on hardware wallets or even in the cloud – they are the ones who become targets if information about their wealth becomes publicly available. The incident in New York only emphasizes the fragility of the line between cybersecurity and physical protection. If criminals can’t crack a password, they “crack” a person.
Protecting cryptocurrency is not only a matter of digital hygiene. In the era of “wrench attacks” it is also necessary to take care of personal security: avoid publicity about wealth, do not disclose financial information, store keys in multi-signature wallets or without physical access. As we improve our cybersecurity, criminals are returning to the good old methods of “interrogation with passion.”
