This is one of those stories that has the elements of a pessimistic view of cryptocurrency and it’s pitfalls but by the end of it makes you stop and think to yourself “Bad people want money, they will do horrible things to get it, that has always been true.”
Flashing your wealth on social media or being a high profile executive is dangerous, crypto-ties or not.
As usual it's not so much that the scams and attacks are unique to crypto, it's that crypto makes them much worse by willfully ignoring hard-earned lessons in traditional finance. Kidnapping for ransom isn't new, but what is new is that if you kidnap a known crypto whale you can instantly, untraceably and irreversibly extract most of their net worth with a bit of "convincing", without raising any alarms until it's too late.
> it's that crypto makes them much worse by ignoring hard-earned lessons in traditional finance.
Indeed. A friend of mine manages a retail bank branch for a major US bank. She gets a few cases a week where someone appears to be a scam victim or is being coerced in some way. They want to make an unusually big cash withdrawal for their account history, or do an unusual money transfer, or something involving gift cards. She's seen all the standard scams by now, and is experienced in explaining what's going on to the victims. Often she can talk them down, or help them. Sometimes even get previously scammed money back.
A surprisingly large part of retail finance work is dealing with fraud and fixing problems. The routine transactions have been automated for years, after all.
Crypto land lacks this.
This is why some crypto people have most of their coin in multisig wallets. They can only transfer small amounts without getting m-of-n friends to sign their transaction. If your friends know not to do that without hearing a code word, then the alarm will be raised.
Another option is to keep your cold storage in a safe deposit box or private vault, so you have to physically go someplace where there are other people. An advantage of the multisig is that the criminals can verify the situation, possibly before they show up at your house.
If you have enough to worry about someone beating out of you, maybe putting some into professional multiparty custodial systems and/or one or more cold wallets with trustees is a good idea. This idea scales fine with geopolitical risk.
Your "hot wallet" should be like cash, no more than you are prepared to lose/surrender at once.
None of these things are mutually exclusive. Holding a large pile of any one country's fiat is probably the dumbest move. Ownership of physical assets that generate revenue is the smartest.
And to add: Your "hot wallet" being bank issued credit cards for everyday purchases or emergencies that you are prepared to lose/surrender the moment someone tells you to hand over your wallet.
Later log into the accounts, flip the toggle to stolen/lost and mark unauthorized purchases if there are any. Then sleep peacefully knowing new credit cards are in the mail and you are only out the cost of the physical wallet holding the cards that were stolen.
Most people of any significant wealth would have made the delegation long ago to private client banking where a team of people overlook all aspects of the accounts. So yes, you are a fool not to if you have the level of wealth proportional to having it beaten out of you in your geopolitical region.
A custodial service is a bank that operates on a different network and is not FDIC insured (which only covers $250k). It could be insured privately. The interest on an FDIC deposit account is well below true inflation of fiat currencies.
> Flashing your wealth on social media or being a high profile executive is dangerous, crypto-ties or not.
Having your wealth held in a form that can be instantly, irreversibly transferred in a way that can be done anonymously by skilled individuals is an added risk.
Some of the same features that people celebrate about crypto make it uniquely advantageous to people looking to execute these attacks.
Yes, we know that in theory attackers could go after some random high profile person and force them to go through bank transfers and then go through all of the additional steps of washing that money through international banks in a way that hopefully cleans their trail sufficiently.
But anyone planning an attack like that would be drawn to a target that already has their money held in a digitally transferable format that is infinitely easier to launder using the modern array of cryptocurrency tools.
There was a terrible spate of kidnappings in the first half of the twentieth century, the Lindbergh baby being the most notorious, but the police have gotten good at foiling them. They mark the currency, alert all the banks etc.
Most businesses turn their cash over to a bank at the end of the day, so any ransom cash that the kidnappers spend or deposit in a bank is tracked very quickly.
Of course crypto can be tracked as well, but financial institutions are required to follow authority instructions and freeze and reverse assets that may belong to kidnappers. In most crypto there is no authority to reverse the assets.
You can have a system where ids of all wallets containing stolen crypto are kept in a database and nobody does accepts any payments from these addresses. However many crypto advocates are strongly opposed to such a system.
So in conclusion, kidnapping of law abiding citizens for ordinary money has not been happening in the us for a while because the fbi had made it clear that it does not pay. But crypto is a whole other business.
It is hopeful that for all current cases the perpetrators seem to have been caught. But i am afraid there may be more attempts before criminals are convinced it does not pay.
She was involved in crypto, but I don’t think her attackers were after crypto. Seemed a bit too advanced for them.
Being an “Influencer,” these days, means that you get the “famous” part of “rich and famous,” without the “rich” part (quite often).
Being famous (and noticed/admired by others) is important to insecure young folks. Not so much, older people.
Many of the world’s richest people, are completely under the radar. You’d never know it.
In many countries, rich folks (and their families) have to travel around in armored cars, surrounded by goons. Even middle-class people need to surround their homes with broken-glass-topped walls (I used to live in some of those places).
Kidnapping and attacking rich folks is a cottage industry, in many places. The US has been spared (until now).
> Those concerns intensified this week with cryptocurrency exchange Coinbase disclosing that as many as 97,000 customers have had their personal information stolen, including addresses and balance snapshots.
I'm not a professional journalist, but let me give it a shot:
"Those concerns intensified this week, with the disclosure that criminals stole from cryptocurrency exchange Coinbase the personal information of as many as 97,000 customers, including cryptocurrency balances and physical addresses."
Just don't flaunt your crypto, and don't have any visible crypto apps or widgets on your phone either. Whether you are rich or poor, don't look particularly rich. Also, if you hold an ETF like IBIT, that's traditional.
https://archive.is/PJTZP
[dead]
This is one of those stories that has the elements of a pessimistic view of cryptocurrency and it’s pitfalls but by the end of it makes you stop and think to yourself “Bad people want money, they will do horrible things to get it, that has always been true.”
Flashing your wealth on social media or being a high profile executive is dangerous, crypto-ties or not.
As usual it's not so much that the scams and attacks are unique to crypto, it's that crypto makes them much worse by willfully ignoring hard-earned lessons in traditional finance. Kidnapping for ransom isn't new, but what is new is that if you kidnap a known crypto whale you can instantly, untraceably and irreversibly extract most of their net worth with a bit of "convincing", without raising any alarms until it's too late.
> it's that crypto makes them much worse by ignoring hard-earned lessons in traditional finance.
Indeed. A friend of mine manages a retail bank branch for a major US bank. She gets a few cases a week where someone appears to be a scam victim or is being coerced in some way. They want to make an unusually big cash withdrawal for their account history, or do an unusual money transfer, or something involving gift cards. She's seen all the standard scams by now, and is experienced in explaining what's going on to the victims. Often she can talk them down, or help them. Sometimes even get previously scammed money back.
A surprisingly large part of retail finance work is dealing with fraud and fixing problems. The routine transactions have been automated for years, after all. Crypto land lacks this.
Here's a bank's guide to current scams.[1]
[1] https://www.firstcitizens.com/personal/insights/security/top...
This is why some crypto people have most of their coin in multisig wallets. They can only transfer small amounts without getting m-of-n friends to sign their transaction. If your friends know not to do that without hearing a code word, then the alarm will be raised.
Another option is to keep your cold storage in a safe deposit box or private vault, so you have to physically go someplace where there are other people. An advantage of the multisig is that the criminals can verify the situation, possibly before they show up at your house.
People always say "with crypto, you are your own bank" like it's (only) a good thing and not realizing how hard it is to do right.
Couldn't one's crypto pile be divided into multiple wallets, each with different passwords?
Sure. But if I know about how much you've got, then if I've got you, I can beat all the passwords out of you.
Worse: Even if you give me all your passwords, I may want to keep beating until I'm really sure that you're not holding anything back.
If you have enough to worry about someone beating out of you, maybe putting some into professional multiparty custodial systems and/or one or more cold wallets with trustees is a good idea. This idea scales fine with geopolitical risk.
Your "hot wallet" should be like cash, no more than you are prepared to lose/surrender at once.
Or you could just have real money in an insured bank
And your cold wallet could be the stock market or real estate or private equity
Then you're much safer and just as wealthy
None of these things are mutually exclusive. Holding a large pile of any one country's fiat is probably the dumbest move. Ownership of physical assets that generate revenue is the smartest.
And to add: Your "hot wallet" being bank issued credit cards for everyday purchases or emergencies that you are prepared to lose/surrender the moment someone tells you to hand over your wallet.
Later log into the accounts, flip the toggle to stolen/lost and mark unauthorized purchases if there are any. Then sleep peacefully knowing new credit cards are in the mail and you are only out the cost of the physical wallet holding the cards that were stolen.
You are describing a bank!! Just put your goddamn money in a bank.
> maybe putting some into professional multiparty custodial systems and/or one or more cold wallets with trustees is a good idea.
So, you want to delegate your ability to spend your money to other people.
Why not just go to a bank? It can do that for you, plus pay you interest.
Most people of any significant wealth would have made the delegation long ago to private client banking where a team of people overlook all aspects of the accounts. So yes, you are a fool not to if you have the level of wealth proportional to having it beaten out of you in your geopolitical region.
A custodial service is a bank that operates on a different network and is not FDIC insured (which only covers $250k). It could be insured privately. The interest on an FDIC deposit account is well below true inflation of fiat currencies.
You could make passwords too long to remember. Write them down and put them in a safety deposit box.
That's when the bad guys grab one or more loved ones and threaten to do bad things to them until you retrieve the passwords.
True, but that makes for a much riskier proposition for the bad guys. The whole point of these bitcoin grabs is minimal risk.
The risk would be about the same as for any ransom scheme.
> Flashing your wealth on social media or being a high profile executive is dangerous, crypto-ties or not.
Having your wealth held in a form that can be instantly, irreversibly transferred in a way that can be done anonymously by skilled individuals is an added risk.
Some of the same features that people celebrate about crypto make it uniquely advantageous to people looking to execute these attacks.
Yes, we know that in theory attackers could go after some random high profile person and force them to go through bank transfers and then go through all of the additional steps of washing that money through international banks in a way that hopefully cleans their trail sufficiently.
But anyone planning an attack like that would be drawn to a target that already has their money held in a digitally transferable format that is infinitely easier to launder using the modern array of cryptocurrency tools.
There was a terrible spate of kidnappings in the first half of the twentieth century, the Lindbergh baby being the most notorious, but the police have gotten good at foiling them. They mark the currency, alert all the banks etc.
Most businesses turn their cash over to a bank at the end of the day, so any ransom cash that the kidnappers spend or deposit in a bank is tracked very quickly.
Of course crypto can be tracked as well, but financial institutions are required to follow authority instructions and freeze and reverse assets that may belong to kidnappers. In most crypto there is no authority to reverse the assets.
You can have a system where ids of all wallets containing stolen crypto are kept in a database and nobody does accepts any payments from these addresses. However many crypto advocates are strongly opposed to such a system.
So in conclusion, kidnapping of law abiding citizens for ordinary money has not been happening in the us for a while because the fbi had made it clear that it does not pay. But crypto is a whole other business.
It is hopeful that for all current cases the perpetrators seem to have been caught. But i am afraid there may be more attempts before criminals are convinced it does not pay.
Yes tho there is also the element of crypto ppl rediscovering the risks of decentralized & physical stores of value.
> Flashing your wealth on social media or being a high profile executive is dangerous, crypto-ties or not.
Ask Kim Kardashian about that. I don't think she had anything to do with crypto.
Or Amouranth: https://www.click2houston.com/news/local/2025/03/19/teens-ar...
She was involved in crypto, but I don’t think her attackers were after crypto. Seemed a bit too advanced for them.
Being an “Influencer,” these days, means that you get the “famous” part of “rich and famous,” without the “rich” part (quite often).
Being famous (and noticed/admired by others) is important to insecure young folks. Not so much, older people.
Many of the world’s richest people, are completely under the radar. You’d never know it.
In many countries, rich folks (and their families) have to travel around in armored cars, surrounded by goons. Even middle-class people need to surround their homes with broken-glass-topped walls (I used to live in some of those places).
Kidnapping and attacking rich folks is a cottage industry, in many places. The US has been spared (until now).
Of course, but before cryptocurrency a mugger couldn't drain your investment accounts.
They still can't if one doesn't advertise them, doesn't have them obviously visible on the phone, and the criminals don't find out about them.
yea, for sure that was super easy thing to do /s
> Those concerns intensified this week with cryptocurrency exchange Coinbase disclosing that as many as 97,000 customers have had their personal information stolen, including addresses and balance snapshots.
I'm not a professional journalist, but let me give it a shot:
"Those concerns intensified this week, with the disclosure that criminals stole from cryptocurrency exchange Coinbase the personal information of as many as 97,000 customers, including cryptocurrency balances and physical addresses."
Another example of Randall Munroe's prescience:
https://xkcd.com/538/
Although this is the one I'm really worried about:
https://www.xkcd.com/2203/
Just don't flaunt your crypto, and don't have any visible crypto apps or widgets on your phone either. Whether you are rich or poor, don't look particularly rich. Also, if you hold an ETF like IBIT, that's traditional.
If cryptobros didn't flaunt their wealth, crypto wouldn't have been where it is now. Flaunting is part of the spec.
[dead]