Masked gunmen in the south of France have carried out a violent home invasion targeting cryptocurrency, underscoring how physical “wrench attacks” are becoming a growing threat in the digital asset world.
According to local reports, three hooded men stormed a residence on Chemin Champs de Pruniers in Manosque, in the Alpes-de-Haute-Provence region, on Monday evening. Once inside, they confronted a woman, threatened her with a handgun, and restrained her before stealing a USB drive that allegedly contained her partner’s cryptocurrency data.
The attackers are said to have slapped the victim while holding her at gunpoint, demanding access to the device. After seizing the USB stick, the assailants quickly fled the scene. Despite the ordeal, the woman did not suffer serious physical injuries. She reportedly managed to free herself within minutes of the attackers’ departure and alerted the authorities.
A criminal investigation has been opened and assigned to the local criminal investigation department, working in coordination with the regional directorate of the national police. Investigators are now attempting to identify the suspects, trace their movements, and determine whether they had prior knowledge of the victim’s or her partner’s crypto holdings.
The stolen USB drive is believed to have contained sensitive information tied to the partner’s digital assets—likely seed phrases, private keys, or access credentials rather than the coins themselves. While cryptocurrencies do not “live” on these devices, a USB wallet or storage device can be the only way an owner can access their funds, making such hardware an obvious target for criminals.
This incident adds to a worrying pattern. France has increasingly stood out as a European hotspot for so-called “crypto wrench attacks”—a term used in the industry to describe situations in which criminals skip the technical hacking and instead use threats, weapons, or physical coercion to force someone to hand over access to their digital assets. Security researcher Jameson Lopp recorded more than 70 such crypto-related physical attacks around the world last year, with over 14 documented in France alone.
Unlike classic cyberattacks, these crimes unfold in the real world: at people’s homes, workplaces, or even public spaces. Perpetrators often rely on the victim’s fear and lack of immediate protection to extract passwords, recovery phrases, or to force on-the-spot transfers. The Manosque attack follows this template closely—targeting a person perceived to be vulnerable, in a residential setting, with the very specific goal of securing access to crypto wealth.
The rise in these attacks highlights a central paradox of cryptocurrency ownership. Blockchain networks can be extraordinarily resilient against remote hacking, but the weakest link is often the human custodian. If criminals can identify who holds substantial crypto assets, it may be easier to show up at their front door than to break through cryptographic defenses. In other words, the more technically secure the system, the more attractive physical intimidation becomes as a method of theft.
France’s appearance as a hotspot is unlikely to be purely coincidental. Growing retail interest in digital assets, rising crypto valuations, and a thriving tech scene mean more individuals are self-custodying significant sums. At the same time, parts of the country have long struggled with organized crime and armed robberies, and criminal groups are quick to adapt to new opportunities. Crypto, immaterial as it is, can be converted to cash or other assets relatively quickly once thieves obtain the required keys.
For individual holders, the Manosque case is a stark reminder that security cannot be reduced to software and hardware alone. Physical and operational security matter just as much. That includes basic measures such as not discussing the size of one’s holdings publicly, avoiding obvious displays of wealth, and being cautious about who knows that you use hardware wallets or store seed phrases at home.
More advanced precautions can significantly reduce the risk of falling victim to a wrench attack. Multi-signature setups, for example, require multiple independent keys (which can be stored in different locations) to authorize a transaction. Even if one key is stolen under duress, it may not be enough to move funds. Time-locked contracts, spending limits, or segregating “cold storage” from everyday “hot” funds can also limit the damage if someone is forced to reveal a password or plug in a device.
Another often overlooked aspect is how and where backup phrases are stored. Writing a recovery phrase on a piece of paper and keeping it in a bedroom drawer makes it easy not only for fire or water damage to destroy it, but also for intruders to find it during a rushed search. Using secure safes, safety deposit boxes, or geographically distributed storage can lower the chance that a single home invasion results in a total loss.
The Manosque robbery also raises questions about how criminals selected their victim. In many documented cases of crypto wrench attacks, the target is not random. Thieves may gather information from social media posts, overheard conversations, local circles, or even leaks from service providers. People who talk openly about their “crypto gains,” show off trading success, or publicly promote their involvement in digital assets can inadvertently paint a target on their back.
Law enforcement agencies are still adapting to these new forms of crime. Unlike traditional bank robberies, there is no physical vault or cash register to recover, and funds can be moved across borders in minutes. However, investigators can still track on-chain movements, identify patterns, and sometimes connect stolen assets to exchange accounts or other points where criminals attempt to cash out. Cooperation between cybercrime units and traditional police divisions is becoming increasingly important in solving such cases.
For policymakers, the growth of these attacks highlights a need to better integrate personal digital asset security into broader crime prevention strategies. Public awareness campaigns, training for local officers on how crypto wallets and seed phrases work, and clearer legal frameworks about coercion and extortion in the context of digital assets could all help close the gap between technology and on-the-ground policing.
For now, however, responsibility rests heavily on individual users. As cryptocurrencies move further into the mainstream, holders need to think of themselves not just as investors, but as custodians of valuable, highly portable, and non-reversible assets. That means considering not only “How do I keep my wallet from being hacked?” but also “What happens if someone shows up at my door and demands access?”
The attack in Manosque may prove to be one of many similar incidents, or it could become a high-profile example that pushes more users to rethink how they protect their digital wealth. Either way, it underscores a growing reality: in the age of crypto, personal safety and financial security are more tightly interlinked than ever before.