Binance is launching a withdrawal lock to help deter crypto wrench attacks

The lock is meant to protect users from being forced into withdrawing their funds, though it's an internal policy and not a cryptographic lock.

What to know:

• Binance launched "Withdraw Protection," a user-controlled lock (1-7 days) on withdrawals to counter "wrench attacks" (physical coercion) in high-risk scenarios.
• The lock does not shield accounts from law enforcement orders.
• The feature addresses a major rise in coercion incidents. Binance also advised users to secure API keys from trading bots and manage their online footprint.

Binance is launching a user-controlled withdrawal lock aimed at a threat the crypto industry has spent the past year reckoning with: physical coercion of holders, otherwise known as the so-called wrench attacks.

The feature, "Withdraw Protection," lets users freeze their own account against onchain withdrawals for one to seven days, the exchange said Monday. A stricter "lockdown" mode disables early unlocking entirely. Binance's press release says the lock cannot be overridden by the exchange.

In an interview with CoinDesk, the exchange’s Chief Security Officer Jimmy Su said the company built the feature in response to patterns it observed in the wild, including "withdrawals that are more risky or even coerced in some cases."

He pointed to users traveling to regions where being identifiable as a crypto holder carries physical risk.

"We are seeing a pattern where some of the users might go to more risky geographical locations," Su said. "They want to have this user-control layer where they can put in a restriction on withdrawals. In case anything happens, that would give them more time to recover."

Asked whether the feature was a defense against wrench attacks specifically, Su said that was one scenario, alongside cases in certain regions where bad actors actively work to identify crypto users for in-person targeting.

A policy lock

Binance's press release framed the un-overridable lock as a hard guarantee. Su clarified the mechanism is an internal policy.

“It's an internal policy for this particular feature. Our customer service agents are not able to override it,” Su told CoinDesk. “The goal is to address the irreversible transfer nature of crypto.. Unlike a fiat scenario where funds are withdrawn to a checking or bank account and there are ways to reverse the transaction, you can't do that with onchain crypto.”

The distinction matters. A cryptographic lock would be effectively immutable for the user's chosen period. A policy lock depends on Binance's continued enforcement, and on the absence of legal compulsion to lift it. Su said the feature does not block law enforcement orders.

"This does not prevent law enforcement from taking action on accounts," he said.

Why a delay is now worth offering

Withdrawal-delay features are not new. Coinbase has offered Vaults, with a 48-hour delay and email confirmation, for years. Kraken offers a similar Global Settings Lock.

The threat landscape has changed. According to data from CertiK and crypto researcher Jameson Lopp, verified physical coercion incidents against crypto holders rose 75% in 2025, reaching 72 confirmed cases. Assault-related incidents jumped 250%.

Coerced withdrawals defeat conventional account security. Every credential check is completed by the legitimate user.

A time lock changes that calculus: a user who activates Withdraw Protection before traveling to a high-risk region cannot be forced to move funds at the destination, even under physical threat. Contacting support, in this case, wouldn’t help either.

Trading bots and the next layer

Asked what user behavior worries him most, Su pointed to trading bots advertised on forums and ad networks that ask users to grant API keys with broad permissions.

“If the trading bot is a scam, it can be used to cause trading losses and unauthorized withdrawals," Su said. Users should treat API keys with the same protection as their passwords or two-factor authentication, he added: “Once a key is used by a trading bot, it's as if they are operating on behalf of that user.”

Binance is investing in context-aware authentication that varies friction based on detected risk, Su said. For routine actions like login or trading, the goal is to reduce visible challenges. For high-risk actions like withdrawals, more friction is the point.

He framed Withdraw Protection as one layer in a defense-in-depth approach, not a replacement for basic hygiene. The advice for the wrench-attack threat model, he said, was to manage one's online footprint.

"Crypto users need to protect their online presence," Su said. "Trying to protect the confidential information in terms of how much they have in crypto. Make yourself a harder target."

More For You

Bitmine's latest ETH purchase comes as Lee cited progress on digital asset regulation CLARITY Act as a key catalyst for crypto markets.

What to know:

• Ethereum treasury firm Bitmine acquired 101,745 ether last week, bringing total holdings to 5.18 million ETH.
• Chairman Tom Lee said "crypto spring" has begun despite muted investor sentiment.
• Firm staked over 4.36 million ETH, generating nearly $300 million in annualized revenue.

Tom Lee says 'crypto spring' started as largest Ethereum treasury buys $238 million in ether

37 minutes ago

Trump-affiliated World Liberty sues Justin Sun for 'defamation' after Tron creator's lawsuit

1 hour ago

CoinDesk 20 performance update: Bittensor (TAO) jumps 4.1% over the weekend

1 hour ago

Kraken's parent company Payward alleges $25 million crypto custody fraud in lawsuit against Etana and firm's CEO

2 hours ago

Kraken parent Payward closes $550 million Bitnomial deal, securing full CFTC derivatives stack

2 hours ago

Laywer pops up on Arbitrum DAO forums seeking funds for victims of decades-old North Korean terrorist acts

3 hours ago

Iran missile report sends bitcoin back to $79,000, with ETH, SOL, DOGE sharply lower

3 hours ago

Crypto bears got it wrong again, losing $300 million in liquidations

4 hours ago

U.S. voters don't trust Trump administration to oversee crypto sector, CoinDesk poll finds

May 3, 2026

Coinbase boosts Solana trading with DFlow integration

4 hours ago

Veteran trader Peter Brandt sees bitcoin hitting $250,000, but only after a bottom later this year

10 hours ago

Strategy pauses bitcoin buys before Tuesday earnings

9 hours ago