Skip to Content

Metropolitan Police Bust Crypto ‘Wrench’ Attack: Case Study and Prevention

A Metropolitan Police operation uncovered a ‘wrench’ attack where teens stole cryptocurrency by force. Learn the details, sentencing and practical steps to safeguard your crypto holdings.
5 February 2026 by
TechStora Editorial Board

Case Overview

On June 17, 2024, three teenagers travelled from Sheffield to London, posing as delivery drivers to gain entry to a flat. Once inside, they threatened the occupant with knives and demanded his cryptocurrency holdings.

The suspects recorded the burglary on Snapchat, fled in the victim’s BMW, and were later tracked via automatic number‑plate recognition cameras on the M1 and M6 motorways.

Investigation & Sentencing

Police linked the suspects to the crime through social‑media footage and vehicle tracking. The stolen crypto was recovered within 72 hours and returned two weeks later.

All three defendants pleaded guilty and received a combined 16 years in youth detention. Sentences ranged from 46 to 80 months, with the 16‑year‑old receiving the maximum 80 months.

What Is a ‘Wrench’ Attack?

Security researchers label these incidents “wrench attacks” – physical coercion of crypto holders rather than technical hacking.

  • Attackers exploit personal information leaked or publicly exposed.
  • Victims are identified through data breaches, social‑media posts, reused phone numbers, or public wallet activity.
  • Criminals target individuals because “it’s often easier to coerce a person than to break cryptography,” says Andy Zhou, co‑founder of BlockSec.

Key Risks Highlighted by the Case

  • Over‑exposure of identity, location, and crypto holdings.
  • Single‑point custody – relying on one device or person to move funds.
  • Targeted phishing, SIM‑swap attempts, and unexpected account‑recovery requests.

Practical Prevention Measures

To mitigate wrench‑attack risks, adopt a human‑centric security approach:

  • Limit personal data sharing; avoid linking real identity to wallet addresses.
  • Use multi‑signature wallets or multi‑factor authentication for fund movements.
  • Distribute holdings across multiple custodial solutions.
  • Monitor for signs of targeted phishing or SIM‑swap activity.
  • Regularly audit public footprints and remove unnecessary personal information.

Takeaway

Physical threats to crypto holders are a growing threat, with $41 million lost in 2025 alone—a 75 % year‑on‑year increase. Reducing personal exposure and adding friction to fund transfers can be more effective than relying solely on cryptographic defenses.