Cryptocurrency criminals stole approximately $713 million from individual investors in 2025, using a combination of digital exploits and physical violence, underscoring the escalating risks in the largely unregulated crypto space.
In 2025, crypto criminals extracted over $700 million from individual investors, marking a significant rise in personal thefts as cryptocurrency adoption grows. Blockchain analysis firm Chainalysis reports that while total crypto thefts reached $3.4 billion last year, attacks on individuals accounted for about 20% of that sum, with incidents doubling from 40,000 in 2022 to 80,000 in 2025. This surge is attributed to improved security at major exchanges pushing criminals towards easier targets: everyday holders who often lack robust protections.
The human cost is starkly illustrated by victims like Helen and Richard, a UK couple who lost $315,000 in Cardano coins after hackers accessed their cloud storage. For seven years, they diligently invested, only to watch helplessly as their savings were transferred to untraceable wallets. “You can see your money there on the public blockchain, but there’s nothing you can do to get it back,” Helen said, describing the agony of visible but irretrievable loss. Their story echoes thousands of others where digital keys are compromised through phishing, malware, or data breaches.
Criminals employ both cyber and physical tactics, with “wrench attacks” – a term coined for burglaries and muggings aimed at stealing crypto – becoming increasingly common. In one gruesome case in Spain last April, a man was shot and held captive for hours while criminals tried to access his wallet; his body was later found in woodland. Similarly, in France, Ledger co-founder David Balland was abducted and had a finger cut off during an extortion attempt. These violent methods highlight how traditional robbery has evolved to target digital assets.
Organized groups like the Social Engineering Enterprise, whose members pleaded guilty in the US to stealing $260 million, use hacked databases to identify and scam wealthy individuals. By cross-referencing stolen data from sources like luxury brand parent company Kering, they tailor phishing schemes, sometimes even orchestrating home invasions. North Korean state-sponsored hackers are also actively targeting crypto-rich individuals, as warned by blockchain firm Elliptic in October.
The regulatory landscape offers little solace. In the UK, the Financial Conduct Authority (FCA) states that crypto remains high-risk and largely unprotected, with victims unlikely to recover losses. Unlike traditional finance, where banks may cover fraud, crypto investors are often on their own, especially if using self-custody wallets. Binance, the largest exchange, has its theft advice page blocked in the UK due to lack of authorization, leaving users vulnerable.
Experts note that the anonymity and finality of blockchain transactions make crypto theft particularly devastating. Phil Ariss of TRM Labs explains that criminal groups comfortable with violence naturally migrate to crypto as it becomes mainstream. Matthew Jones, founder of security firm Haven, adds that the abundance of stolen data enriches target lists, making “Bitcoin millionaires” frequent marks. He advocates for enhanced security features like biometric checks and geofencing in wallets.
Despite the risks, the allure of cryptocurrency persists, with global ownership estimated at 560 million people. Victims like Helen and Richard, who sold family possessions and faced homelessness, still plan to reinvest if they recover funds. The industry faces a critical juncture: as attacks proliferate, stronger security practices and regulatory frameworks are urgently needed to protect individuals from both digital deceptions and physical threats.
