UK Teens Jailed After $4.3M Wrench Attack Robbery Caught on Police Video

In brief

• Three UK teenagers have been jailed after carrying out a “wrench attack” robbery in which $4.3 million in crypto was stolen.
• Metropolitan Police said the suspects forced a victim to hand over crypto and car keys in a Hoxton burglary.
• The stolen cryptocurrency was recovered within 72 hours and returned two weeks later, police told Decrypt.

Three teenagers have been jailed following a “wrench attack” in which $4.3 million worth of cryptocurrency was stolen at knife point. In a video released by the Metropolitan Police on Thursday, the trio were shown posing as delivery drivers to gain entry to a flat, where they threatened the occupant with knives and demanded his cryptocurrency holdings.

Police said the suspects travelled from Sheffield to London on June 17, 2024, before carrying out the burglary, which was later linked to them through social media footage and vehicle tracking following the theft of the victim’s car.

The suspects, who were aged 16 and 17 at the time, recorded themselves on Snapchat leaving the scene in the victim’s BMW, footage police later used to help identify and link them to the burglary. Officers were alerted when the stolen vehicle triggered an automatic number plate recognition camera on the M1 in Northamptonshire less than three hours later, before the car was eventually stopped on the M6 in Warwickshire following a brief pursuit. The victim’s crypto was “recovered within 72 hours and returned two weeks later,” a representative from the Metropolitan Police told Decrypt. 

The three defendants were sentenced to a total of 16 years in youth detention after pleading guilty to charges linked to the burglary and car theft. Individual sentences ranged from 46 to 80 months, authorities confirmed with Decrypt. A minor who police said cannot be named for legal reasons “pleaded guilty to aggravated burglary, possession of criminal property and theft of a motor vehicle.” The minor received 80 months in custody. The case was "a clear example of how the suspects thought posting their criminal exploits on social media would build them a following, however all it built was the case against them,” Detective Constable Jonathan Leung said in a statement. Crypto “wrench attacks” Security researchers in the crypto industry say the case reflects a well-established pattern in which attackers bypass technical safeguards by targeting individuals directly, often after identifying victims through leaked or publicly exposed personal information. These so-called “wrench attacks” have resulted in more than $41 million in losses in 2025, marking a 75% year-on-year incidence growth rate, with France being at the center of the crime wave. “This isn’t a new tactic. Law enforcement, including the FBI, has documented “wrench attacks” for years, where cases where criminals physically target crypto holders instead of hacking wallets,” Andy Zhou, co-founder of blockchain security firm BlockSec, told Decrypt. The core idea, Zhou explained, is that “it’s often easier to coerce a person than to break cryptography.” Most cases begin with information exposure instead of outright violence, he said.

“Data leaks, breached customer records, or publicly available online information can be combined to identify who likely holds crypto and where they live,” he noted. The most common mistake is overexposure, Zhou said, noting that, “People unintentionally link their real identity, location, and crypto holdings through data breaches, social media, reused phone numbers, or public wallet activity.” Common risks include single-point custody, where one device or person can move funds immediately, increasing exposure to coercion, Zhou said. He added that warning signs include targeted phishing, unexpected account recovery attempts, SIM-swap symptoms, and unusual contact with individuals or internal systems. “The practical takeaway is simple,” Zhou said, explaining that, “we need to assume attackers may target humans. Reducing personal exposure and adding friction to fund movements often matters more than adding another layer of cryptography.”