Crypto Investor Charged with Kidnapping and Torturing Man for Weeks

https://www.nytimes.com/2025/05/24/nyregion/crypto-investor-torture-italian-tourist.html

67•jonas21•6h ago

Comments

frontfor•5h ago

When the weakest link between the criminal and the cryptocurrency is a single person (the holder himself in this instance), that person alone would need to withstand all attacks and “rubber hose cryptanalysis”.

fallinditch•4h ago

The most effective protection is a combination of discretion, strong security practices, and advanced wallet configurations like multisig and passphrase protection.

You could store passphrases in a hardware wallet in a bank vault in a small European country.

fortran77•3h ago

That won’t stop you from being tortured. You need to make sure nobody knows you have cryptocurrency

thebruce87m•2h ago

> You could store passphrases in a hardware wallet in a bank vault in a small European country.

A little bit of irony here having to store your crypto related stuff at a bank to keep it safe.

defrost•1h ago

Not all bank vaults are in banks, here's the basement of a prog rock musician and his wife's house (a former bank(?)) .. https://www.youtube.com/watch?v=CM6iqwcyC1A

Physical security for digital credentials is the main point here, that doesn't always imply a regular bank, many modern banks lack the bank vaults of yore in any case.

Tangentially, avoid showing up unannounced at grandparents house: https://www.youtube.com/watch?v=oZZmFG07OVs

grues-dinner•1h ago

And in the "socialist" Big Government over-regulated hellscape of Europe no less.

I would have thought one of those libertarian seasteads or enclaves would be axiomatically the best place for such things?

baxtr•5h ago

"Brute force attack"?

psandor•5h ago

Of course there's an XKCD about this: https://xkcd.com/538/

mediumsmart•5h ago

Man Charged with Kidnapping and Torturing Crypto Investor for Weeks

considering that the crypto investor was a man and assuming that the man acquired the wallet he was tortured for by investing in crypto.

gundmc•5h ago

This would have been a much more accurate phrasing.

greatpostman•5h ago

Theres alot of really rich crypto people in nyc that are up to no good.

bpodgursky•5h ago

This is said to happen in Russia all the time, except the police never intervene and the bodies are just incinerated once the keys are tortured out.

add-sub-mul-div•5h ago

Technology isn't even a cool field anymore, the major innovations (crypto, blockchain, AI) have such a film of sliminess around them. You have to ignore or be ignorant of the fact that they're going to be used for scams and bullshit more than for good.

stephenr•3h ago

> the major innovations

You mean the overhyped extremely niche technologies?

nailer•3h ago

The idea that a technology that challenges Google search, and digital money are ‘niche’ is… odd.

smckk•5h ago

Stay safe out there.

Personal and physical security for founders, operators, and investors

[0] https://a16zcrypto.com/posts/article/personal-physical-secur...

CyberMacGyver•5h ago

Pretty rich coming from a16z, someone who famously rug pulled Solana investors.

Maybe there should be a version for investors to stay safe from a16z also

nailer•3h ago

What’s the back story behind this?

rwmj•1h ago

There was an article in the Atlantic about this (https://www.theatlantic.com/ideas/archive/2025/05/extreme-pe...) mentioning crypto founders and whales who go to quite extraordinary lengths to keep their home addresses and other information private.

nikkwong•5h ago

Had Satoshi known the impact his innovation would have had on the world, all said and done, I bet he would have chosen to keep it under covers.

superkuh•5h ago

People have been kidnapping other people to force them to give up their valuables for millennia. It's far from a new or unique thing in this context.

anonymousiam•3h ago

True, but crypto is easier to launder. I feel safer with my money at a brokerage or a bank.

cperciva•5h ago

This is part of why I designed Tarsnap to keep data as secure as possible, even from me. If someone stores their crypto keys -- or world domination^W optimization plans -- on Tarsnap, I don't want to get kidnapped and tortured by anyone trying to steal that data.

chistev•4h ago

Who can access it?

ta988•4h ago

the person who uploaded it only (or whomever they shared keys with)

lazide•2h ago

Okay, so kidnap them, right?

brazzy•3h ago

You really think the kind of people who do such things will read your website and just give up? "Aw shucks, he's using e2e encryption, no point trying anything"?

razemio•3h ago

You missunderstood the comment. He can not access the data. You need to find the person who uploaded it, despite him hosting said data.

VTimofeenko•2h ago

I think you misunderstood the comment. Or maybe I did.

My understanding: the rubberhose crypto-analysis, even if unsuccessful, will result in some major damage done. Determined attacker might try to apply it regardless of any online statements on the off chance that the statements are wrong.

brazzy•1h ago

You understand correctly. I suspect that in the experience of such attackers, it's not even an "off chance". They're probably up against exaggerated claims of security more often than truly well-founded ones.

brazzy•1h ago

And you really think that people who routinely use torture to extract information, and for whom claims that "I don't know it!" is basically the standard obstacle to overcome, will just believe him without even trying, because it's "math" and therefore true?

The reality is, in the xkcd Rubberhose cryptanalysis scenario, being actually unable to give up the information is a MUCH WORSE situation to be be in than having a key to give up before they permanently maim/kill you. It might be better for a third party who benefits from the information remaining secret, but not for the person unable to divulge it.

But thinking you're safe because the attackers will read, understand, and believe your claims of uncompromisable cryptographic security is dangerously naive.

razemio•1h ago

Ah okay, I get what you mean now. I thought your comment was suggesting he actually can access the information.

I still believe, which might indeed be naive, that this is the best way. It results in a failed mission lowering the risks for others and if applied for all theses services (again naive), in a general understanding.

episteme•2h ago

If torturing and kidnap are on the table, how does this help? They can torture you to give them the keys just like a password.

j3th9n•1h ago

You might want to study asymetric cryptography.

canucker2016•4h ago

NYC catching up to Paris - https://arstechnica.com/security/2025/05/we-have-reached-the...

carimura•4h ago

https://archive.is/JiYYY

strathmeyer•4h ago

Great job score one for crypto holders who plan on not revealing their key under torture.

brunoqc•4h ago

https://www.cbc.ca/news/canada/montreal/murder-old-montreal-...

private_island•3h ago

Bring back the penny. A bag of them can be used to stop an attacker.

blooalien•1h ago

> Bring back the penny. A bag of them can be used to stop an attacker.

You'll just have to use a sock fulla nickels now I guess ... :shrug:

0x38B•3h ago

The most telling or disturbing thing I learned from a recent article posted here about the Crypto-related kidnappings was how criminals found some of their victims’ addresses and personal information in marketing data that companies kept on their customers.

mcintyre1994•1h ago

The recent Coinbase leak is mostly stored KYC data AFAIK, so even if the company isn’t using it for marketing, they’re probably being forced to store data that they’re not responsible enough to protect.

web3aj•2h ago

This story is unreal.

ChrisArchitect•2h ago

Earlier: https://news.ycombinator.com/item?id=44084352

echan00•1h ago

If the title read 'human charged with kidnapping a d torturing a man' instead does that mean all humans are bad? I fail to see the linkage here

tux3•50m ago

The whole point of the kidnapping and torture was to steal bit coin cryptocurrency.

Of course it's material to the story. It'd be conpletely artificial to pretend otherwise.

Claude 4 System Card

Reinvent the Wheel

On File Formats

How to Install Windows NT 4 Server on Proxmox

Google Shows Off Android XR Smart Glasses with In-Lens Display

I used o3 to find a remote zeroday in the Linux SMB implementation

Why old games never die, but new ones do

Infinite Tool Use

Space is not a wall: toward a less architectural level design

Tachy0n: The Last 0day Jailbreak

The WinRAR Approach

Good Writing

Hydra: Vehicles on the island – 'After the works they abandon them here'

Show HN: Rotary Phone Dial Linux Kernel Driver

Nvidia Pushes Further into Cloud with GPU Marketplace

Hong Kong's Famous Bamboo Scaffolding Hangs on (For Now)

The Xenon Death Flash: How a Camera Nearly Killed the Raspberry Pi 2

Using the Apple ][+ with the RetroTink-5X

Peer Programming with LLMs, for Senior+ Engineers

Lone coder cracks 50-year puzzle to find Boggle's top-scoring board

An Almost Pointless Exercise in GPU Optimization

Scientific conferences are leaving the US amid border fears

Contacts let you see in the dark with your eyes closed

It is time to stop teaching frequentism to non-statisticians (2012)

The Logistics of Road War in the Wasteland

Domain Theory Lecture Notes

AI, Heidegger, and Evangelion

Exposed Industrial Control Systems and Honeypots in the Wild [pdf]

Microsoft-backed UK tech unicorn Builder.ai collapses into insolvency

Personal Computer Origins: The Datapoint 2200