For those with crypto wealth, beware the wrench attack | The Excerpt
On Sunday’s episode of The Excerpt podcast: A rise in street crime tactics means that some wealthy crypto owners have fallen prey to physical attacks. These brazen assaults have come to be known as "wrench attacks." Nick Neuman, CEO of Casa, a cryptocurrency company specializing in security, joins The Excerpt to share his insights.
Let us know what you think of this episode by sending an email to podcasts@usatoday.com.
Hit play on the player below to hear the podcast and follow along with the transcript beneath it. This transcript was automatically generated, and then edited for clarity in its current form. There may be some differences between the audio and the text.
Podcasts: True crime, in-depth interviews and more Paste BN podcasts right here
Dana Taylor:
Hello, and welcome to The Excerpt. I'm Dana Taylor. Today is Sunday, June 15th, 2025. In the high-stakes world of cryptocurrency, cybercrime is no longer the only concern for investors. A rise in street crime tactics means that some wealthy crypto owners have fallen prey to physical attacks and coercion.
You may have seen a recent headline regarding a crypto owner who was kidnapped and tortured in a Manhattan townhouse by criminals who were attempting to steal his Bitcoin. These brazen physical attacks have come to be known as wrench attacks. How can crypto investors protect themselves and their stash from both cybercrime and violent crime? Joining us to dig into crypto security is Nick Neuman of Casa, a cryptocurrency company that specializes in providing security solutions for digital assets. Thanks for joining me, Nick.
Nick Neuman:
Thanks, Dana. Great to be here.
Dana Taylor:
Let's start with the disturbing name given to these crimes, wrench attacks. I'm not sure if you can describe these crimes in a way that isn't graphic, but what is a wrench attack? How did it get the name?
Nick Neuman:
This is a great question because it is a weird name. The name itself sounds very graphic. It comes originally from a comic, actually, and the first scene shows these two guys with this computer saying, "Oh, there's millions of dollars worth of cryptocurrency on this computer, but it's encrypted and it uses all this fancy encryption, and we don't have the password, and dang, we're foiled." Right? "We can't get it."
The next frame of the comic strip, it says ... This is what actually happens, and they say, "Oh, this laptop we have is encrypted. Drug the guy and hit him with this $5 wrench until he gives us the password." And so it's kind of this satirical drawing, very basic drawing, and something that gets to the heart of some of these problems, and how people protect their cryptocurrency. But that name, even though it started in this comic, caught on and really has been used throughout the years since this comic was published to describe this type of physical attack.
Dana Taylor:
The first line of cryptocurrency security is safeguarding the private keys, which are needed to access crypto holdings. These function as passwords for the owners. What's led to the rise of physical attacks?
Nick Neuman:
Well, first of all, the attacks are very sad to see, and this is something that we are working really hard to help reduce. If you look at the amount of attacks that has happened over the years, the largest number of these documented attacks, there's actually potentially many more undocumented ones, happened back in 2021, where there was documented about 35 attacks in the year, and in 2025, just in the first half of the year alone, were already all almost to 30 documented attacks. And so this year is certainly one where it's been an increase, and we're pacing ahead of past years. So why is it happening more now? I think a big part of it is because of the increase in value of Bitcoin and other cryptocurrency, and so people see this as an opportunity, right? This seems like a higher payout opportunity that people want to take advantage of, and it happens because they think they can get away with it.
Dana Taylor:
Criminals seem to know who to target. Is flashing one's wealth an accepted part of crypto culture? Is it even possible for someone to know how much crypto you have without you disclosing it?
Nick Neuman:
Well, generally, we recommend that people don't flash how much crypto they have, just like you typically don't walk around, talking about how much money is in your bank account, but that doesn't mean that there aren't ways of finding that out, or there aren't people that choose to do that. And so one way that, even if you were completely private about how much Bitcoin you have, there have been problems with exchange leaks, where data from cryptocurrency exchanges have been leaked through any number of different avenues, whether it's people inside the company who are getting paid to share that information out with others, or whether it's just a cyber attack that was able to get access to the exchange's database. The exchange has all of this really sensitive data on people. It has their names, where they live because of KYC rules, where you have to collect that information on your customers in order to serve them as an exchange, and then it has the amount of cryptocurrency that they own or have bought over the years. And so this information is out there in the world and available on dark web markets and other places that bad actors can take advantage of.
Dana Taylor:
Crypto is, of course, a digital currency. Those assets can be stored in digital wallets or in physical devices. Are there any built-in safeguards with either of those storage types that mitigate the risk of physical coercion?
Nick Neuman:
So when people are storing their Bitcoin on a traditional software wallet or hardware wallet, where they've got this one device, that all they need is that device to go send money to anywhere, potentially an attacker, then that gives someone, an attacker a lot of leverage. So you have to make sure that you set up your wallet in such a way that you do not have that single point of failure. You don't want to have that single wallet with you at all times, where anybody can steal it. Think of it like the cash in your wallet. You don't walk around, carrying tens of thousands, hundreds of thousands, millions of dollars of cash on your person.
You put it in a bank, you put it in other places so that you aren't at risk of being robbed. The same principle applies with Bitcoin.
Dana Taylor:
Nick, you've been building Bitcoin wallets for the last decade in terms of security. What new challenges have been created by AI deepfakes?
Nick Neuman:
AI deepFakes are certainly a challenge, because the security precautions that people put in place, that rely on having a video call with somebody, and people have trusted that, "Hey, if I have a video call with you and you tell me to move some money on my behalf or to approve a transaction, then I'm going to do it because I believe that this is you," and it was historically a pretty good way to verify authenticity. Now, the AI video models have gotten so much better, that it is becoming more and more of a problem, where people need to do more to authenticate themselves and to vet that they are actually approving moving money. This is not just a cryptocurrency problem. This is a problem in the traditional financial world too. I think a year ago or so maybe, there was a company that ended up wiring a bunch of money to a place that they got tricked into sending the money to, and that was because of an AI deepfake.
Dana Taylor:
And are there other kinds of phishing scams that investors in crypto should be watching out for right now?
Nick Neuman:
So a lot of attention goes to the wrench attacks, right? It's something that it's very violent and graphic, but actually, much more money has been stolen due to social engineering, which is another type of attack. So what is social engineering? Phishing is one form of this, but this is when somebody calls you, or emails you, and pretends to be somebody who is helping you. So they'll call you and say, "I'm from such and such cryptocurrency exchange."
"Your account is in danger. Somebody has access to it, but don't worry, I'm going to help you." And then they help you by moving your money to another account, and that account happens to be owned by them. And so if you aren't aware that this could happen, then this is something where people, especially older people, can get tricked very easily. And even just over the last year, hundreds of millions of dollars were stolen from people's exchange accounts on some of the major exchanges from social engineering.
Dana Taylor:
Most crypto can't be recovered without private keys. Are there any policies or technologies that could allow for recovery after theft, or would those options compromise decentralization?
Nick Neuman:
When you think about how the traditional banking system has been built up, you started with some physical asset that had irreversible transactions, just like Bitcoin. So with gold, or cash, paper money, people would exchange that, and you couldn't get that back. And so they started putting it in banks to make it easier to transact, and then that added this layer of reversibility to it. So if there's fraud on your credit card or in a bank transfer, you call your bank and you ask them to take it back and put it back into your account, and usually, they can do so, but in order to get that capability, you also give up control of the asset. So in this new world of Bitcoin, how do you protect against this, or after the fact, or how do you try to recover funds after the fact?
A lot of times, it requires working with law enforcement, who can go and help find and arrest the people who stole from you in the first place, and this is something that has happened successfully over the years. But the best defense is really protecting yourself upfront, making yourself a harder target so that people aren't going to view this as you, as somebody who they can get a bunch of money from if they're able to successfully pull off one of these thefts. So you have to remove that reward in the risk reward equation.
Dana Taylor:
There are insurance options available to crypto owners, although coverage isn't widely available or standardized, like more traditional insurance. What are your thoughts regarding cryptocurrency insurance?
Nick Neuman:
I think the thing that people don't fully understand about cryptocurrency insurance is that the insurance is all about making sure that you eliminate as much of the potential loss vectors, or ways that you can lose money as possible upfront, and then you ensure against the little potential slivers of what might happen in a worst case scenario. And that's how all insurance works, right? And so what that means is you are not just paying for insurance and not having to worry about your security, you still have to do your security right, and then the insurance is there to cover those one or two weird cases, where something slips through the cracks of security overall.
Dana Taylor:
Crypto culture is keen on the idea of financial liberation from traditional banking systems, as you've said. Unlike credit cards or banks, most transactions can't be reversed. That permanence, touted as a feature of cryptocurrency may also be a flaw. Are there practical solutions, a specific one that you would point to? What are your thoughts here?
Nick Neuman:
It's two sides of the same coin. Without the irreversibility of Bitcoin, you actually don't get the freedom and full control that individuals can have over it as money, because if you add these layers of reversibility, where some bank, Bitcoin bank that you call can reverse a transaction that wasn't supposed to happen. That also means that they can freeze your account. They can kick you out of the bank. This is the fundamental trade-off that we are looking at as an industry, and the irreversibility of transactions is a feature, not a bug, and it's something that when used correctly, you really benefit from as an individual. So that's just something that people have to take into consideration and use the right tools to help them navigate this new landscape of Bitcoin properly.
Dana Taylor:
Nick, thank you so much for being on The Excerpt.
Nick Neuman:
Thank you very much.
Dana Taylor:
Thanks to our senior producers, Shannon Rae Green and Kaely Monahan, for their production assistance. Our executive producer is Laura Beatty. Let us know what you think of this episode by sending a note to podcast@usatoday.com. Thanks for listening. I'm Dana Taylor, Taylor Wilson. Be back tomorrow morning with another episode of The Excerpt.