Binance Launches “Withdraw Protection” as Crypto Wrench Attacks Surge 75% in 2025

The world’s largest cryptocurrency exchange has rolled out a long-awaited security feature designed not to stop hackers — but to stop criminals armed with physical threats.

For years, the cryptocurrency industry has poured billions into defending against digital attackers: phishing scams, SIM card swaps, seed phrase theft, and elaborate social engineering campaigns. Yet one threat has stubbornly resisted every technological fix — the criminal who simply shows up at your door.

In the crypto community, this is darkly referred to as a “wrench attack,” a nod to the blunt idea that even the most airtight digital security can be defeated by someone threatening bodily harm. Now, Binance is fighting back with a new tool built specifically to neutralize that threat.

On May 4, 2026, Binance officially announced the rollout of Withdraw Protection, a user-controlled feature that allows account holders to lock all on-chain withdrawals from their Binance accounts for a set period — anywhere from one to seven days. The lock period is user-defined between one and seven days, during which assets cannot be withdrawn from the exchange. Once activated, no one can move funds out of the account — not even the account owner themselves.

Binance launched “Withdraw Protection”

A Problem That Has Been Growing for Years

The timing of the launch is no coincidence. According to data from CertiK, verified physical coercion incidents against crypto holders rose 75% in 2025, reaching 72 confirmed cases. Assault-related incidents jumped 250%. 

So-called wrench attacks involve kidnappings, threats, or violent home invasions that aim to force crypto holders to sign transactions on the spot instead of hacking them online. Binance points to data from Jameson Lopp’s public repository, which has recorded 316 kidnap and ransom-style incidents against crypto holders since 2014, including 79 ransom-focused attacks in 2025 and at least 27 more already reported in 2026. 

Several high-profile cases have made international headlines and added urgency to the issue. In one high-profile case, Ledger co-founder David Balland and his wife were abducted from their home in France in January 2025 by suspects seeking a multi-million dollar ransom. And in another attack last month, hooded men with firearms reportedly extorted approximately over $800,000 in digital assets from a family in France. 

These incidents expose a fundamental flaw in how crypto security has traditionally been designed. The industry has created defenses against digital exploits, such as phishing and imposter scams, SIM swaps, and seed phrase compromises, but it has yet to find a technological solution to so-called “wrench attacks.” “There’s a category of risk those defenses don’t cover: physical coercion. These are situations where someone is pressured, in person, to move their own funds,” Binance said in a blog post.

Crypto hacks hit record high in April 2026

How Withdraw Protection Works

Binance’s withdrawal lock is designed around one idea: remove the ability to act under pressure. Once enabled, withdrawals are completely disabled for a set period — and cannot be overridden, even by the account holder. That is precisely the point. In a coercion scenario, the victim can truthfully tell an attacker that transferring funds is simply impossible.

The mechanism is straightforward. Users can choose whether early unlocking is allowed; if it is, both an authenticator app and a security key must be enabled, with email and phone/SMS verification available as optional additional checks. A “strict lockdown” option disables early unlocking entirely, and Binance says the selected lock period cannot be overridden by the exchange under any circumstance. The default lockdown period is set to 48 hours, though users can adjust it before activating the feature. 

Importantly, the lock does not freeze the entire account. Users can continue to trade, manage open positions, and access their account normally — only withdrawals are suspended. This makes it practical for active traders who still want to protect long-term holdings against physical threats.

Binance’s Chief Security Officer Jimmy Su said the company built the feature after observing cases involving risky or potentially coerced withdrawals. “We are seeing a pattern where some of the users might go to more risky geographical locations,” Su said.

How withdraw protection works (Source: Binance)

The Logic of a Time Lock

The core value proposition of Withdraw Protection is delay — and delay alone. A time lock changes the calculus: a user who activates Withdraw Protection before traveling to a high-risk region cannot be forced to move funds at the destination, even under physical threat.

Su also pointed to the irreversible nature of crypto transfers. Once assets are moved on-chain, there is typically no bank-style reversal process. A withdrawal delay gives victims more time to escape danger, contact others, or wait out the lock period.

Even in a successful compromise, the attacker would need to wait out the lock period to extract assets — and during that period, the legitimate user has time to detect the breach and take counter-action. 

An Industry-Wide Conversation

Binance is not the first exchange to experiment with withdrawal delays. Similar tools have existed for some time: Coinbase offers Vaults with a 48-hour delay, and Kraken has its Global Settings Lock. What has changed now is the volume of threats. Binance’s feature arrives at a moment when physical attacks against crypto holders have become impossible to ignore. 

There are important caveats to understand. Because the lock is enforced by Binance — not by cryptography — users are trusting the platform’s systems and policies. It’s a different model than protocol-level protections like timelocks or multisig. Additionally, the feature does not block law enforcement orders. “This does not prevent law enforcement from taking action on accounts,” Su said. 

Binance was clear in the announcement that Withdraw Protection is not a substitute for good cyber hygiene. The exchange continues to encourage whitelisting withdrawal addresses in advance, maintaining strong authentication, and avoiding public discussion of crypto holdings. 

Su’s broader advice to the community was equally pointed. “Crypto users need to protect their online presence,” Su said. “Trying to protect the confidential information in terms of how much they have in crypto. Make yourself a harder target.”

A New Security Standard

Under CEO Richard Teng, this signals a change in how the industry is thinking about risk — moving beyond hacks and exploits, and toward the real-world threats crypto holders increasingly face. 

Jimmy Su, Chief Security Officer at Binance, framed the feature as part of a broader shift toward proactive, user-driven controls. “User protection is important across all digital and financial platforms, and security is most effective when it is both proactive and user-driven,” Su said. 

Users can activate Withdraw Protection directly through their account security settings on both the Binance app and its web platform. The feature is being rolled out progressively across all regions.