In a chilling development that blurs the line between digital crime and organized violence, researchers have observed what they call a “dramatic” increase in cyberattacks involving physical assaults across Europe. CrowdStrike’s European Threat Landscape Report details at least 18 confirmed cases since early 2024, the majority in France — long considered a hub for cryptocurrency innovation and, increasingly, its darker counterpart: crypto-related crime.
The attacks range from kidnappings to beatings and home invasions. In one of the most notorious cases, Ledger co-founder David Balland and his wife were kidnapped in Vierzon, central France. The assailants severed Balland’s finger to pressure his colleagues for ransom. Police later arrested ten suspects, including the alleged ringleader detained in Morocco.
The phenomenon, experts say, reflects the evolution of “violence as a service” — a grim new offering in underground cybercrime networks where digital adversaries outsource physical intimidation to hired enforcers. What was once confined to code has begun to spill over into the real world, driven by the high stakes of cryptocurrency and data extortion.
The Com and the Convergence of Digital Underworlds
Much of this escalation, CrowdStrike notes, can be traced to “The Com”, a loose federation of underground e-crime communities that span multiple continents. These networks, which include notorious groups such as Scattered Spider, provide cybercriminals with access to specialized skills — from phishing campaigns and data theft to, increasingly, physical enforcement.
Members of The Com advertise on encrypted Telegram channels and Russian-language forums, offering tools like one-time-password interception bots and “vishing kits” used to compromise crypto exchange accounts. But some, CrowdStrike says, have taken things further — recruiting local operatives to break into offices, assault targets, or force victims to transfer cryptocurrency holdings under duress.
This new hybrid model of cyber and physical coercion marks a shift in the global criminal ecosystem. “These are not traditional hackers,” said a European law enforcement official familiar with the report. “They are hybrid actors — digital thieves with access to real-world muscle.”
France and the U.K. at the Epicenter
France has emerged as the most affected country, with 13 of the 18 recorded violent cyber incidents in 2025 occurring within its borders. Victims range from high-profile crypto executives to ordinary investors who became targets after online breaches exposed their wallet addresses.
In one case near Paris, a woman was punched repeatedly in front of her family by attackers demanding access to her cryptocurrency wallet. In another, a man was beaten and robbed of a hard drive containing over €2 million worth of Bitcoin.
Across the Channel, the United Kingdom has become Europe’s most targeted nation for cyberattacks overall. CrowdStrike’s analysis found that British organizations topped the list of victims on data leak sites — an indicator of ransomware activity — outpacing even Germany.
The U.K. was also the primary focus for initial access brokers (IABs), intermediaries who sell stolen credentials and system access to larger criminal syndicates. “The UK’s economic prominence makes it an inevitable magnet,” CrowdStrike noted, “but what’s emerging now is a more complex threat — one that merges online extortion with offline coercion.”
A New Face of Organized Digital Crime
The escalation of cyber-enabled violence represents a fundamental change in how criminal enterprises operate. Experts suggest that the boundaries between cybercrime, organized crime, and street-level violence are rapidly dissolving. Groups that once relied solely on ransomware and phishing now employ physical intimidation to guarantee payment or silence victims.
CrowdStrike’s data indicates that more than 2,100 attacks were claimed against European organizations since 2024, with ransomware and data-theft groups accounting for 92 percent. Many of these operations trace back to The Com’s network, which facilitates collaboration between digital intruders and real-world enforcers.
Law enforcement agencies across Europe are racing to adapt. But the challenge lies not only in tracing hackers through encrypted systems — it is in preventing the violence that follows when the digital underworld steps outside the screen.
As one cybersecurity analyst put it, “What we’re seeing is the full criminal lifecycle — from phishing emails to fists. Europe’s cyber crisis is no longer virtual.”
