Autor Cointelegraph By Stephen Katte

Estimated losses from global crypto wrench attacks reached $101 million in the first four months of 2026, with most attacks occurring in Europe, according to Web3 security company CertiK.With just 34 documented crypto wrench attacks, the losses have nearly doubled those of 2025, which came in at $52.2 million. Europe accounted for 82% of incidents, according to CertiK. “Our 2025 report documented a gradual tilt from Asia and North America toward Europe, and these first four months of 2026 mark a European hyper-concentration.”The frequency of wrench attacks has increased since 2025. They involve physical force to gain access to a victim’s crypto holdings and have taken the form of home invasions, kidnappings and other extortion attempts. CertiK said there have been 34 attacks since the start of the year.If the trend continues, CertiK predicts that by year-end the number of incidents could hit 130, and losses could reach “several hundred million dollars.”There have been 34 verified wrench attacks worldwide since the start of the year. Source: CertiK France is an epicenter of wrench attacksOf the attacks, 24 crypto wrench attacks occurred in France this year, said CertiK. France’s National Prosecutor’s Office for Organized Crime has reported a higher figure of 47 incidents in 2026.CertiK said France has likely emerged as a hot spot for these kinds of criminals because of the presence of crypto executives from major crypto companies such as Ledger, Paymium and Binance.Crypto holders in France are being targeted more than anywhere else in the world. Source: CertiK It also pointed to numerous data leaks, such as the January breach at crypto accounting firm Waltio and tax official Ghalia C, who is accused of selling crypto asset holder data to criminal networks, and “a culture of flexing and voluntary doxxing that remains deeply embedded in the community.”“Early 2026 marks the shift to a data-driven targeting model in which prior physical surveillance becomes unnecessary once attackers have the victim’s full name, home address, financial profile, and so on.”“The structural takeaway is clear: as the security of protocols and wallets tends to improve, the threat migrates toward the human link. As long as crypto-asset holdings remain associated with identifiable financial data, physical coercion will remain the economically most rational attack path,” CertiK added.Blockchain intelligence company TRM Labs reported in May last year that wrench attacks have been on the rise because of the perceived pseudonymity of crypto transactions, the public visibility of wealth, and the ease with which bad actors can gather personal data online.The criminal teams are often “complete amateurs”Across recorded wrench attacks, CertiK said the orchestrators are often located outside the target country. The criminal teams on the ground usually consist of three to five people, and they frequently pose as delivery drivers or police officers, or lure victims into an ambush with a ruse such as a fictitious business meeting.Related: Law enforcement freezes $41M connected to $150M crypto Ponzi collapse“Most of the time, they are recruited via messaging apps such as Telegram or Snapchat for a few thousand dollars. They don’t know each other and are complete amateurs,” CertiK added.Meanwhile, Casa chief security officer Jameson Lopp has recorded 31 crypto wrench attacks so far this year and reported in March that four cases he was tracking for his list turned out to be mistaken identity, with the thieves attacking the wrong targets. Source: Jameson LoppIn April, at least 88 people, including 10 minors, were indicted in connection with alleged wrench attacks on crypto owners in France.“The growing proportion of minors signals an increasing externalization of criminal liability toward profiles less exposed to mandatory minimum sentences,” CertiK added.Magazine: DeFi’s billion-dollar secret: The insiders responsible for hacks  Cointelegraph is committed to independent, transparent journalism. This news article is produced in accordance with Cointelegraph’s Editorial Policy and aims to provide accurate and timely information. Readers are encouraged to verify information independently.

Privacy-focused cryptocurrency Zcash (ZEC) has spiked by more than 70% over the past week as crypto traders have been paying closer attention to privacy-focused projects.Zcash traded at about $346 on Friday, May 1, before hitting a seven-day peak of $593.86 on Wednesday. It has since settled at around $570 as of Friday, according to CoinGecko.Pav Hundal, lead market analyst at crypto exchange Swyftx, told Cointelegraph that traders have begun paying closer attention to privacy projects “amid broader concerns about the impact of AI, quantum computing and financial surveillance on crypto.”He added that ZEC was also boosted after Tushar Jain, the co-founder of the investment firm Multicoin Capital, said on Wednesday that it had “built a significant position” in ZEC since February.Zcash is one of the more prominent privacy-focused cryptocurrencies, trailed by its significant rival Monero (XMR), and Jain said it is an attractive investment as “institutions will increasingly seek private assets to protect themselves” from what he claimed was a “political trend to seize private wealth.”Several crypto firms have also recently released new privacy features. The Ethereum scaling solution Polygon launched private stablecoin payments on Sunday, while Aptos Labs’ privacy feature Confidential APT, which conceals token balances and transfer amounts, went live on the mainnet in April.The market intelligence platform Santiment said in an X post on Wednesday that Zcash was “emphatically rebounding,” as fear of missing out and social media mentions of Zcash spiked along with its price.Santiment pointed to a lack of government trust as a possible catalyst for the surge in interest from retail traders. Source: Santiment“The crowd is increasingly viewing privacy-focused assets as a hedge against growing surveillance concerns, tighter exchange regulations and expanding AI-driven data tracking across financial platforms,” Santiment said.Related: Dash Evolution chain integrates Zcash Orchard privacy pool“At the same time, lower market caps across many privacy coins have traders eyeing them as high-upside momentum plays during this mild altcoin rally crypto has seen so far in May,” it added.Zcash rally could be short-livedPrivacy was a significant investment theme for crypto in 2025, with privacy-focused tokens surging last year despite a broader downturn in the rest of the market.  Zcash nearly crossed $700 in November, its highest price since 2018, while fellow privacy coin Monero reached a new all-time high of $797.73 in January.However, neither held on to the gains, and Swyftx’s Hundal said that the recent rally could also be short-lived.“Zcash’s move has some hallmarks of a narrative rotation into privacy coins,” Hundal said. “I’d be careful calling it a clean fundamental repricing just yet. We need more time to see how durable investor interest is.” Magazine: Guide to the top and emerging global crypto hubs — Mid-2026 Cointelegraph is committed to independent, transparent journalism. This news article is produced in accordance with Cointelegraph’s Editorial Policy and aims to provide accurate and timely information. Readers are encouraged to verify information independently.

Crypto risk management and infrastructure provider Chaos Labs said its Chaos Oracle Network, which provides data feeds to blockchain applications, was not compromised after a hacking attempt over the weekend by a potential “nation-state.”Chaos Labs founder Omer Goldberg said in an X post Thursday that the company identified an attack over the weekend, possibly by a “nation state,” and immediately moved to a full lockdown. “The surface area was strictly contained to operational wallets we use for routine onchain operations. At no point was the Chaos Oracle Network breached or compromised.”“Chaos Oracles run in a fully isolated environment with nodes distributed globally, protected by layered security and cryptographic controls,” Goldberg said.“The authorities and cyber professionals working with us have characterized the activity as consistent with nation-state attacks,” he added. “The investigation continues, and we will share more as it allows.”State-backed hacker groups, particularly those from North Korea, have been seen as a persistent threat to the crypto space. North Korea-affiliated actors have been accused of stealing at least $578 million across several major incidents in April and have been linked to many of the industry’s largest hacks. North Korea recently rejected claims linking it to global cybercrime, calling the allegations unfounded.Goldberg said that Chaos Labs has rotated all keys since the attempted attack and said there hasn’t been any further suspicious activity. Source: Omer GoldbergRecent industry exploits prompted “highest severity” responseThe April Kelp DAO hack has been one of the year’s largest security incidents, causing broader ecosystem contagion and impacting the interconnected crypto lending market.Drift Protocol, a decentralized cryptocurrency exchange, and at least a dozen other crypto entities were hacked in the same month. Goldberg said against the backdrop of recent exploits, Chaos Labs triggered its “highest-severity incident response” after detecting the attempted hack.“We allocate a substantial share of our operating budget to cyber defense, alerting, and detection,” he added.Several crypto firms shift to ChainlinkBorrowing platform Tydro said it is migrating to the Chainlink oracle platform following the attack on Chaos Labs, adding to the list of crypto firms that have switched providers in recent weeks.Related: Chaos Labs taps out as Aave’s risk provider, decision ‘not made in haste’DeFi protocol Kelp DAO is migrating its restaking token rsETH to the Chainlink oracle platform following the April exploit. It continues to blame the attack on LayerZero’s cross-chain infrastructure, which LayerZero has disputed. Decentralized finance platform Solv Protocol has also flagged plans to migrate its cross-chain infrastructure from LayerZero to Chainlink in “light of recent industry events.”Magazine: Guide to the top and emerging global crypto hubs — Mid-2026 Cointelegraph is committed to independent, transparent journalism. This news article is produced in accordance with Cointelegraph’s Editorial Policy and aims to provide accurate and timely information. Readers are encouraged to verify information independently.

Keonne Rodriguez, one of the developers behind the crypto-mixing protocol Samourai Wallet, is appealing to the crypto community for donations to help cover legal bills and fines tied to his trial over money laundering. Samourai Wallet co-founders Rodriguez and William Lonergan Hill were sentenced on Nov. 19 to five and four years in prison, respectively, on charges stemming from their involvement in the protocol.Rodriguez said in an X post on Wednesday that he desperately needs help after being “financially wiped out,” accruing $2 million in debt from legal fees and a $250,000 fine imposed by the sentencing judge.Source: Keonne Rodriguez“We are entirely out of options. We need to pay off these legal bills and other debts accrued attempting to defend myself. We desperately need your help. Now.”The case against Rodriguez and Hill, along with Tornado Cash co-founder Roman Storm, has been closely followed by crypto advocates, many of whom argue they shouldn’t be held responsible for the actions of third parties using their software. They also argue that their convictions risk criminalizing open-source privacy tools and restricting privacy rights.Costs racked up over long legal battleRodriguez and Hill were first charged with conspiracy to commit money laundering and conspiracy to operate an unlicensed money transmitting business in April 2024. They initially pleaded not guilty, but in July 2025, they agreed to plead guilty to one charge of operating an illegal money transmitter.Rodriguez said in an interview with journalist and Bitcoin educator Natalie Brunell last December that he pleaded guilty after crunching the numbers and finding that a conviction would mean significantly more jail time and millions more in legal fees.Online legal marketplace Lawful estimates a criminal defense lawyer can cost on average $200 to $500 per hour, with retainer fees exceeding $10,000. Rates increase based on the type of case, the overall complexity and the number of lawyers working on the case.Presidential pardon likely off the tableUS President Donald Trump said last December that he would review Rodriguez’s case and explore a pardon. There is also a petition for a pardon that had attracted 15,953 signatures as of Thursday.Related: US prosecutors seek Roman Storm retrial after mixed verdictHowever, Rodriguez said that, unlike Trump’s pardons of Binance founder Changpeng “CZ” Zhao and Silk Road founder Ross Ulbricht, his prospects are low.“There was some hope during the Bitcoin 2026 conference, but that has now come and gone, and one must come to terms with the fact that I am simply a federal prisoner without money, power, or influence, and I will serve my full sentence,” he said.“Perhaps it was denial or delusion, but I had hoped to do what I have always done and dig myself out of this hole myself – but with the reality of serving a full sentence that is not possible.”Magazine: Singapore isn’t a ‘crypto hub’ — it’s something better: StraitsX CEO  Cointelegraph is committed to independent, transparent journalism. This news article is produced in accordance with Cointelegraph’s Editorial Policy and aims to provide accurate and timely information. Readers are encouraged to verify information independently.

Investment group BG Wealth Sharing, a suspected $150 million crypto Ponzi scheme, has had its domain seized by law enforcement days after allegedly rug-pulling users.Onchain sleuth ZachXBT said on X on Tuesday that “illicit actors” connected to the group tried to launder more than $92 million in crypto between April 27 and Sunday, but he helped lead an initiative that froze more than $41 million, working alongside Tether, Binance, OKX and US law enforcement.He also said the scheme was likely responsible for losses greater than $150 million, given it’s been operating since 2025 and the “thousands of victim exchange withdrawals identified.”“While these Chinese investment frauds are obvious to most, they purposely target unsophisticated retail investors via social media,” ZachXBT added. “Reading through victim posts, many still seem to be in denial that they were scammed.”Source: ZachXBTThe US Federal Bureau of Investigation reported in April that American victims lost $21 billion to cyber-enabled crime last year, with crypto investment scams accounting for a large share of the losses.BG Wealth Sharing domain seized by US law enforcementAs of Wednesday, the BG Wealth Sharing website displays a notice that it was seized by US law enforcement as part of a joint operation between Operation Level Up and the Scam Center Strike Force.Several regulators had warned that BG Wealth Sharing was an unlicensed entity and advised caution since 2025. In April, the Central Bank of Samoa said it was an investment scam and advised investors to avoid the company.A domain linked to BG Wealth Sharing has been seized by US authorities. Source: BG Wealth Sharing BG Wealth Sharing, according to authorities, claimed to provide guidance on crypto trading, advertised heavily on social media and offered “daily profit opportunities,” referral commissions, rank-based bonuses and a daily yield of 1.3% to 2.6%.Related: Google Cloud flags North Korea-linked crypto malware campaign One last rug pull before going offline, users sayBefore BG Wealth Sharing went offline, purported CEO Stephen Beard told users in a video address Saturday that its DSJ Exchange was on the cusp of an initial public offering and that a 12% tax on account balances was required as part of the regulatory process.BG Wealth Sharing CEO Stephen Beard told users a 12% tax on account balances was required as part of an initial public offering process. Source: ZachXBTBy Sunday, users warned on social media that the whole scheme was a rug pull in progress. On Monday, the Washington State Department of Financial Institutions issued a similar warning.In an update to its earlier post about BG Wealth Sharing, the regulator said it had received complaints from investors and warned that it was likely a scam.“A company that requires an investor to deposit additional external funds in order to withdraw their investment is highly likely to be operating an advance fee scam.”Magazine: DeFi’s billion-dollar secret: The insiders responsible for hacks   Cointelegraph is committed to independent, transparent journalism. This news article is produced in accordance with Cointelegraph’s Editorial Policy and aims to provide accurate and timely information. Readers are encouraged to verify information independently.