Crypto Security Crisis: $4.3M Home Invasion and Malicious Wallet Extension Expose Critical Vulnerabilities

23.11.2025 20:43

In a harrowing case of physical crypto theft, three men executed a home invasion in the UK in June 2024, disguising themselves as delivery drivers to gain entry at gunpoint and force the victim to transfer over $4.3 million in cryptocurrency to Ethereum addresses. The Metropolitan Police recovered nearly all funds, and Sheffield Crown Court sentenced Faris Ali and two accomplices in November 2024. Blockchain investigator ZachXBT uncovered the plot through on-chain forensics and leaked Telegram chats, revealing the attackers used data breaches to link wallet holdings to the victim's physical address.

Separately, a malicious Chrome extension called "Safery: Ethereum Wallet" ranked fourth in Chrome Web Store searches for "Ethereum wallet" in November, using fake reviews and a polished facade to trick users. Security firm Socket found that the extension stole seed phrases by splitting them into fragments and encoding them into micro-transactions on the Sui blockchain, allowing attackers to reconstruct keys and drain wallets without external servers. The method exploited Chrome's ranking algorithm and low transaction fees on Sui, highlighting gaps in browser security and extension vetting.

Both incidents underscore systemic risks in crypto security, from data breaches enabling physical coercion to browser-based threats compromising digital assets. ZachXBT noted a spike in similar home invasions in Western Europe, while Socket urged users to verify extensions and revoke approvals promptly. The cases raise broader questions about the viability of self-custody and the need for insured institutional solutions or enhanced privacy measures.