A man answered his door expecting a package. What arrived instead was a team of thieves posing as pizza delivery drivers who bound him with duct tape, beat him with a firearm, threatened to cut off his fingers, and walked away with $13 million in cryptocurrency. The entire theft took roughly one hour.
That attack, which occurred on November 22 in San Francisco’s Mission Dolores neighborhood, was not an isolated incident. At least three linked attempts followed in Sunnyvale, San Jose, and Los Angeles in the weeks after-and they share a method that no password manager or two-factor authentication can stop.
The Pattern: Why Crypto Wealth Makes You a Physical Target
These crimes have a name in security circles: $5 wrench attacks. The term-originally coined in a 2011 web comic-captures the core logic. If a criminal cannot crack your encryption, they skip the technical problem entirely and apply pressure directly to you. The tool is not sophisticated. The leverage is your safety.
Security consultant Ordekian put it plainly: a perpetrator who lacks the technical expertise to hack into a crypto wallet can resort to cruder methods. That observation is no longer theoretical. It is a case file.
The San Francisco victim lost $10 million in Bitcoin and $3 million in Ethereum in a single forced transfer. Because cryptocurrency transactions are irreversible by design, there is no fraud department to call, no chargeback to file, and no grace period. Once the seed phrase leaves your control, the funds are gone. Think of it like a safe bolted to your floor-except the combination is stored in your head, which means the safe is only as secure as you are.
This vulnerability is not new, but it is accelerating. Violent crypto kidnappings have been documented across Europe as well, with France’s SIRASCO organized crime unit tracking dozens of cases involving the physical coercion of crypto holders. California’s recent wave fits a pattern playing out globally as the asset class grows and wealth becomes more visible.
If you hold meaningful crypto, someone somewhere may already be looking for you. Whether they can find you is a different question.
The Mechanism: How Attackers Identify Their Targets
The San Jose victim’s timeline is worth studying closely. Two unsolicited pizza deliveries arrived eleven days before the attack. Two days before the attack, strangers offered to pressure-wash his driveway for free. On the day itself, an armed suspect was waiting in his driveway. That is not random. That is reconnaissance.
In several Bay Area cases, investigators believe suspects infiltrated victims’ DoorDash or Uber Eats delivery accounts to obtain home addresses. A username linked to a crypto forum or exchange account is often enough to connect a digital identity to a physical location-especially when that same username has appeared in public transaction records, Discord servers, or social media profiles showing off portfolio screenshots.
The Los Angeles cases exposed an additional vector: young crypto holders, sometimes called “crypto kids,” who accumulated significant sums and made their wealth visible on platforms like Instagram.
A former LAPD officer, Eric Halem, was convicted in March 2026 for robbing a 17-year-old who arrived in the city carrying a hard drive with $350,000 in stolen Bitcoin. The public display of wealth made the target selection trivially easy.
Blockchain data is public by default. If your wallet address has ever appeared in a forum post, a tax document screenshot, or a social media flex, someone with modest research skills can estimate your holdings without hacking anything. You are essentially living in a glass house, and some people are now walking past with maps.
Follow 99Bitcoins on X and subscribe to YouTube for ongoing crypto security coverage.
The post Violent Crypto Robberies Rise in Los Angeles and Bay Area appeared first on 99Bitcoins.
