Rising Physical Security Threats to Cryptocurrency Leaders

When we think of crime involving cryptocurrency, we tend to think of scams and high-profile hacks in which bad actors steal large amounts of cryptocurrency from their victims. However, in addition to cyber threats related to cryptocurrency, there are also various physical security threats that may target those involved with cryptocurrency. These physical security threats disproportionately affect cryptocurrency leaders such as executives, founders, and otherwise high-profile individuals within the industry. These individuals often have considerable wealth including cryptocurrency assets that can exceed millions of dollars in value. Additionally, they may have a public-facing role and may make high-stakes decisions that can significantly alter the value of a coin and thus the wealth of all of those who hold it. For these reasons, it is imperative that cryptocurrency leaders are aware of potential physical threats against them and their loved ones and take appropriate action.Physical threats against cryptocurrency leaders may occur for a multitude of reasons, but the most typical cases may include:

• Bad actors have identified a leader in the cryptocurrency field with substantial cryptocurrency assets, and seek to steal those assets;
• A cryptocurrency leader is known by bad actors to be wealthy, and thus they and their family are seen as prime targets for kidnapping and ransom; or
• A specific cryptocurrency has lost substantial value and the affected individuals (investors) personally blame the leader of the cryptocurrency company for their loss and seek retribution.

Even in the absence of public data on their wealth, cryptocurrency leaders may be assumed by bad actors to have substantial cryptocurrency wealth if they are known to have been an early investor in a popular coin, or if the price of a cryptocurrency they are associated with has increased dramatically in value. Cryptocurrency can make for an attractive reward for criminals as it is easily transferable, may be used to fund other illicit activities, may provide a degree of anonymity, and may be harder for law enforcement to track down and recover. However, criminals may also seek traditional currency or other valuable assets from cryptocurrency leaders. Theft or robbery of cryptocurrency may occur through electronic devices being stolen and compromised, but, due to security and account protection measures, criminals generally need additional sensitive information or even biometrics from an account holder, even if they are in possession of an offline or “hard” wallet. Unfortunately, account access controls have led to situations where cryptocurrency leaders, their family members, or loved ones have been kidnapped and sometimes tortured so criminals can gain full account access or otherwise receive a ransom payment. The below examples demonstrate past attacks that have occurred against cryptocurrency leaders:

• Police arrested five men in Barcelona, Spain in January 2023 when the men attempted to storm a cryptocurrency company’s office armed with taser guns and zip ties.
• A police officer allegedly attempted to kidnap a cryptocurrency trader in India in February 2022 to get a ransom payment of bitcoin worth approximately USD 40 million before his plot was discovered.
• Attackers broke into the home of a cryptocurrency trader in the Netherlands in 2019 and tortured him in an attempt to get him to surrender access to his cryptocurrency holdings.
• The wife of the head of a Brazilian blockchain company was abducted by criminals in 2017 who demanded he pay them USD 40 million in cryptocurrency in exchange for her safety.

Cryptocurrency leaders may also face an increased threat when market conditions or cybersecurity or design flaws cause the value of the cryptocurrency they are associated with to drop dramatically. Even if the drop in value of a cryptocurrency is unintentional or outside of their control, cryptocurrency leaders may be targeted in the form of online threats, harassment, or physical harm. Individuals who have invested heavily in crypto assets may react emotionally to their losses and direct their anger and blame at the figure head of the relevant cryptocurrency company. For example, the founder and CEO of cryptocurrency company Terra had his apartment in Seoul, South Korea broken into by a disgruntled investor in May 2022 after the value of Terra’s cryptocurrency, LUNA, plummeted. Additionally, a cryptocurrency expert in Dubai, UAE was reportedly assaulted and robbed in 2022 by investors upset with him for advising them to make a cryptocurrency trade that lost them millions.Leaders in the cryptocurrency field should consider the following best practices to protect themselves from physical security threats and related attempts to compromise their cryptocurrency assets:

• Minimize their online exposure and the amount of personally identifiable information (such as home address, family information) publicly available to potential bad actors;
• Avoid publicly sharing details about their cryptocurrency holdings, their value, and recent transactions;
• Be careful about accessing their cryptocurrency accounts in public places where someone may see their activity on a laptop or phone, revealing their assets and value to those passing by;
• Ensure they have adequate residential and travel security measures that are commensurate with their heightened threat profile;
• Protect hard wallets from theft by storing devices in secure locations;
• Consider employing professional security services to monitor for online threats of physical harm targeting them;
• Utilize a professional blockchain intelligence capability to monitor for any unauthorized movements of tokens or assets from their wallets;
• Professionalize their security capabilities with a team that understands how to provide protections for high profile persons in the cryptocurrency space, not just physically, but also as cybersecurity professionals;
• Implement best practices for security around their custodial accounts and use password managers to protect keys and sensitive login details.