A disturbing new frontier has emerged in Europe’s cybercrime landscape — one where digital extortion meets physical assault. According to CrowdStrike European Threat Landscape Report, there has been a dramatic rise in cyberattacks involving violence, with at least 18 confirmed cases since early 2024 — the majority of them in France.
Once limited to code and encryption, cyberattacks are now spilling into the real world, as criminals adopt violent tactics such as kidnappings, beatings, and home invasions to force victims into paying ransoms or surrendering access to cryptocurrency wallets.
In one of the most shocking incidents, Ledger co-founder David Balland and his wife were abducted in Vierzon, central France. Attackers severed Balland’s finger to pressure his colleagues into transferring digital assets. French police later arrested ten suspects linked to the attack, including the alleged ringleader, who was detained in Morocco.
The Rise of “Violence-as-a-Service”
Experts warn that this escalation represents a new era of hybrid criminal operations. Underground forums and encrypted channels are now hosting “violence-as-a-service” offerings — where cybercrime groups hire real-world enforcers to intimidate or physically harm victims when digital coercion fails.
CrowdStrike attributes much of this activity to “The Com”, a loose coalition of international cybercriminal networks, including factions such as Scattered Spider, that collaborate to execute multi-layered extortion campaigns.
“The boundaries between online extortion and physical intimidation are dissolving,” said a European law enforcement official familiar with the report. “We’re now facing hybrid actors — hackers who have access to real-world muscle.”
France and the U.K. in the Crosshairs
France has emerged as the epicenter of cyber-enabled violence, accounting for 13 of the 18 recorded incidents. Victims have included high-profile crypto executives, small investors, and even everyday users whose digital wallets were exposed in online data breaches.
In one case near Paris, a woman was assaulted in front of her family by intruders demanding her Bitcoin keys. In another, a crypto trader was beaten and robbed of a hard drive holding €2 million in Bitcoin.
Meanwhile, the United Kingdom has overtaken other European nations in overall cyberattack volume, topping the list of victims on data leak sites. CrowdStrike also identified the U.K. as the most targeted country by Initial Access Brokers (IABs) — intermediaries who sell stolen credentials and corporate access to ransomware syndicates.
Organized Crime Meets Cybercrime
CrowdStrike’s findings highlight the convergence between digital and organized crime, where cyber syndicates collaborate with traditional criminal gangs to ensure ransom collection or silence victims.
The data shows that more than 2,100 cyberattacks were reported against European organizations since 2024, with 92% linked to ransomware or data theft groups. Many of these campaigns trace back to networks associated with The Com, which now operate transnationally across Europe, Russia, and North Africa.
“What we’re seeing is the full criminal lifecycle — from phishing emails to fists,” said one analyst. “Europe’s cyber crisis is no longer virtual.”
Europe on Alert
European law enforcement agencies are now expanding joint task forces and cyber–physical intelligence sharing to counter this evolving threat. However, experts say detection remains challenging as attackers increasingly use encrypted communication, cryptocurrency, and decentralized networks to coordinate and conceal their operations.
The report warns that as cryptocurrency adoption rises and cyber defenses tighten, “real-world coercion will become the weapon of last resort” — turning what began as a digital threat into a physical one.
