Criminals Hunt Families of Crypto Entrepreneurs

Crypto company executives are increasingly concerned about the rising number of attacks aimed at stealing and extorting digital assets, so they are turning to the services of bodyguards. This was reported by the WSJ . On May 13, the daughter of Paymium cryptocurrency exchange founder Pierre Noizat was attacked by three masked men in the Parisian neighborhood of Le Marais. The attackers, armed with gas spray cans and a toy gun, attempted to drag the woman and her child into a minibus. The victim’s husband intervened and received a blow to the head, while a neighbor managed to get the child to safety. The attackers fled as locals began to rush to the scene. This incident is part of a global wave of violent attacks in which criminals use physical force rather than digital tools to extort cryptocurrency. In recent months alone, five such cases have been recorded in France. In Estonia, an Australian crypto billionaire narrowly escaped kidnapping, and in Houston, USA, an influencer’s home was attacked at night by assailants demanding her laptop. ”People are getting to the ‘hide the gold under the mattress’ level, but that doesn’t protect against real threats,” said Casa co-founder Jameson Lopp. Crime in the industry has intensified amid the rising value of Bitcoin and a surge in data breaches. In 2020, hackers breached Ledger’s customer database, revealing the addresses of 272,000 users. Later, a similar incident occurred with Kroll, giving attackers access to the personal data of Genesis customers. Information from these leaks is now being distributed on the darknet. ”The younger generation is great at doxxing-they match data from different sources to find the victim,” explained MetaMask researcher Taylor Monahan. France Prioritizes Security On May 14, 2025, French Interior Minister Bruno Retaillot held a meeting with representatives of the crypto industry, proposing new security measures. According to him, the organizers of these attacks often recruit perpetrators through Telegram, remaining in the shadows. One of the most high-profile cases was the kidnapping of Ledger co-founder David Balland in January. The criminals cut off his finger and demanded €10 million in USDT. The crypto community is reacting to these threats by hiding profiles on social media and removing addresses from public registries. Noizat called on authorities to review customer data disclosure requirements to reduce the risks associated with leaks. Halte à la mexicanization de la France. Depuis plusieurs mois, les affaires sordides d’enlèvements et de tentatives d’enlèvement se multiplient. En plein jour. En plein Paris. Sous les yeux de tous. Ce matin encore, une mère de famille de 34 ans, accompagnée de son enfant de… Eric Larchevêque (@EricLarch) May 13, 2025 ”How many more entrepreneurs will consider leaving a country that doesn’t protect its citizens?” wrote former Ledger CEO Eric Larchevêque, calling the situation the ”Mexicanization” of France. Coinbase Reveals Data Theft and Refuses to Pay $20 Million Ransom The Coinbase exchange reported the theft of user data due to the bribery of overseas support staff. The platform’s team refused to pay a $20 million ransom. Cybercriminals bribed and recruited rogue overseas support agents to obtain personal data on less than 1% of Coinbase MTUs. No passwords, private keys, or funds were exposed. Prime accounts were untouched. We will reimburse affected customers. Coinbase 🛡️ (@coinbase) May 15, 2025 On May 11, the company received an email from an attacker claiming to have some customer account information as well as internal documents. Update: Coinbase will spend between $180 million and $400 million to resolve the incident and compensate customers, according to the company’s report to the SEC on May 15. Some users criticized the company for its delayed acknowledgment of the leak. Wintermute CEO Eugene Gaevoy stated: ”This is the dark side of the idiotic and pointless KYC/AML regime we live in. It makes life a little more convenient for law enforcement and geopolitical games, while sacrificing our privacy, heavily taxing virtually all businesses, and making it easier for criminals to rob, kidnap, and commit crimes.” The hackers reportedly paid several contractors and help desk employees outside the U.S. to gather information from internal systems. As a result, the attackers gained access to less than 1% of customers’ data, including names, addresses, and emails, according to the trading platform’s blog. However, passwords, private keys, and user funds were not affected. Customer assets on the Coinbase Prime service were also unaffected. The exchange announced compensation for users who sent cryptocurrency to fraudsters as a result of social engineering attacks. Coinbase has also strengthened security measures: High-risk accounts are now subject to additional scrutiny for large withdrawals. The company is opening a new support center in the U.S. and strengthening security controls and monitoring across all divisions. It is also investing in insider threat detection. Instead of paying a $20 million ransom for silence, Coinbase has created a prize fund of the same amount to reward those who help find the attackers. The exchange is working with law enforcement, and the fired insiders have been handed over to investigators. Coinbase reminded users that company representatives will never call to request fund transfers to ”safe accounts” or ask for 2FA codes.