Bitcoin News Today: Physical and Cyber Threats to Crypto Holders Surge 80% Amid Bitcoin Bull Run

Generated by AI AgentCoin World
Monday, Aug 11, 2025 2:33 am ET2min read
BTC
--
COIN
--
Aime RobotAime Summary

- 2025 sees surge in physical threats against crypto owners, with "wrench attacks" targeting victims holding as little as $6,000 in assets.

- Data breaches from exchanges like Coinbase and Apple expose 16+ billion credentials, enabling criminals to track victims via leaked home addresses and identities.

- Sophisticated cybercriminal group "GreedyBear" combines 650+ malicious tools (browser extensions, malware, scams) to steal $1M+ in crypto through AI-powered attacks.

- Experts warn of escalating risks as Bitcoin's bull market correlates with violent crime spikes, urging stronger security vetting and user vigilance.

Physical threats against cryptocurrency owners have reached alarming levels in 2025, with violent attacks and cybercrime escalating in tandem with Bitcoin's rising value. At the Baltic Honeybadger 2025 conference in Riga, Latvia, Alena Vranova, founder of SatoshiLabs, highlighted the growing prevalence of “wrench attacks”—a term used to describe situations where individuals are coerced into surrendering private keys under threat of physical harm [1]. Vranova noted that these attacks are not limited to high-net-worth individuals, with victims as small as $6,000 in crypto being targeted through kidnapping, torture, or even murder. She attributed this surge to data leaks from centralized crypto exchanges, which have exposed over 80 million user identities online, including 2.2 million home addresses. This information provides criminals with the detailed data needed to track and target victims directly [1].

The correlation between Bitcoin’s bull market and the frequency of these crimes is clear. Vranova emphasized that violent incidents tend to spike during periods of high market enthusiasm, a pattern reinforced by recent data breaches from major platforms. In May 2025,

Coinbase
disclosed a breach that exposed customer home addresses, while in June, Cybernews reported that leaked data from
Apple
, Facebook, and
Google
had compromised over 16 billion login credentials [1]. These breaches not only facilitate physical attacks but also open the door to phishing, social engineering, and identity theft, further compounding the risks for crypto holders.

In parallel, the cyber threat landscape has also evolved dramatically. Koi Security recently uncovered a sophisticated threat actor known as “GreedyBear,” which has stolen over $1 million in cryptocurrency through a coordinated campaign of fake browser extensions, malware, and scam websites [1]. Tuval Admoni, a researcher at Koi Security, noted that GreedyBear has “redefined industrial-scale crypto theft” by combining three distinct attack methods simultaneously—a strategy that marks a shift toward more complex and ambitious cybercrime operations [1].

The campaign involved more than 650 malicious tools, including over 150 fake browser extensions published on the Firefox marketplace. These extensions mimicked popular crypto wallets like MetaMask and TronLink using a technique called “Extension Hollowing,” where legitimate extensions were initially used to pass security checks before being repurposed to steal user credentials. This method allowed the malicious extensions to retain positive user ratings and trust before being weaponized [1].

In addition to browser-based attacks, GreedyBear deployed nearly 500 crypto-targeted malware samples, including credential stealers like LummaStealer and ransomware like Luca Stealer. Much of this malware was distributed via Russian websites offering pirated software [1]. The third prong of the operation involved a network of scam websites that impersonated legitimate crypto products and wallet repair services, designed to appear polished and trustworthy to lure users into revealing their private keys.

A central command-and-control server coordinated these attacks, and researchers found evidence of AI-generated code being used to scale and diversify the threat rapidly. Admoni warned that this marks the new normal for online threats against crypto holders, while Deddy Lavid, CEO of Cyvers, emphasized the need for better vetting by browser vendors, greater transparency from developers, and stronger user vigilance to counter these increasingly sophisticated threats [1].

As both physical and digital threats continue to evolve, the broader crypto community is being pushed to adopt stricter personal safety and cybersecurity measures. With the convergence of data leaks, cyberattacks, and violent crimes, the risks for crypto owners are more acute than ever, signaling a critical turning point in the ongoing battle for digital asset security.

---

Source:

[1] title1: Physical Threats to Crypto Owners Hit Record Highs

https://coinpaper.com/10443/physical-threats-to-crypto-owners-hit-record-highs

Comments



Add a public comment...
No comments

No comments yet