The Heist

A suspect posing as a delivery worker entered a Mission Dolores home near 18th and Dolores around 6:45 a.m. on November 22. The imposter restrained the resident and stole a phone, laptop, and about $11 million in cryptocurrency.

San Francisco police had not announced arrests as of Sunday. No chain or token mix has been disclosed.

The theft immediately shifted to an on-chain chase. Even when a robbery begins at a front door, the money often moves across public ledgers where it can be traced.

The Growing Trend

Physical attacks on crypto owners are far from isolated. A concerning trend is emerging.

Recent incidents include a $4.3 million UK home invasion and a SoHo kidnapping and torture to force access to a Bitcoin wallet. France has seen a rise in crypto-linked kidnappings.

Prominent holders like the Bitcoin Family are distributing their seed phrases across continents. High-net-worth investors are hiring protection.

The Recovery Race

If any stolen value is in stablecoins, the odds of a near-term stop improve. Large issuers work with law enforcement and analytics partners to blacklist addresses on notice.

Industry-wide capacity to freeze assets has expanded this year. The "T3" Financial Crime Unit has reported hundreds of millions in tainted tokens frozen since late 2024.

Centralized issuers can block spending at the token level. Centralized venues add choke points when deposits touch KYC infrastructure.

The Laundering Shift

Chainalysis's 2025 crime report shows stablecoins accounted for about 63% of illegal transaction volume in 2024. That's a marked shift from prior years when Bitcoin and Ethereum dominated laundering pipelines.

Europol warned that organized groups are scaling tactics with AI. That compresses laundering timelines and automates fragmentation across chains and services.

The Bigger Picture

The FBI's Internet Crime Complaint Center recorded $16.6 billion in cyber and scam losses in 2024. Crypto investment fraud rose 66% year-over-year.

Physical coercion incidents against crypto holders, sometimes labeled wrench attacks, have drawn more attention across 2024 and 2025. Home invasions, SIM swaps, and social engineering are converging.

The California Context

California's Digital Financial Assets Law took effect in July 2025. It gives the Department of Financial Protection and Innovation licensing and enforcement authority over exchange and custody activities.

If any off-ramp, OTC broker, or storage provider with California exposure intersects with the stolen funds, the law could support coordination with law enforcement.

The Policy Shift

The U.S. Treasury removed Tornado Cash from the Specially Designated Nationals list on March 21, 2025. That change alters the compliance posture around interacting with the codebase.

It doesn't legalize laundering or remove analytics visibility. But it reduces the deterrent optics that previously pushed some actors toward alternate mixers and bridges.

The Bottom Line

An $11 million crypto heist in San Francisco highlights the growing threat of physical attacks on crypto holders, with stablecoins now accounting for 63% of illegal transaction volume as thieves race to launder funds before issuers and law enforcement can freeze assets.