Robbers Pose as Delivery for Crypto Heists

The news here is not a wallet exploit or some clever blockchain scam. It is old-school armed robbery, pointed at a very modern target. Federal prosecutors say three men from Tennessee posed as delivery workers, got close to California crypto owners, and then used guns, zip ties, duct tape, and threats to force access to digital assets. The indictment was announced this week, but the alleged attacks stretch back to 2022 and hit the Bay Area and Los Angeles. ### Who got charged? The indictment names Elijah Armstrong, Nino Chindavanh, and Jayden Rucker. Prosecutors say they conspired to kidnap and rob people in San Francisco, San Jose, Sunnyvale, and Los Angeles because those victims were believed to hold substantial cryptocurrency. Armstrong and Rucker were arrested in Los Angeles on December 31, 2025, and Chindavanh was arrested earlier, on December 22, 2025, in Sunnyvale. (justice.gov) ### What did the crew allegedly do? The basic tactic was simple and ugly. Investigators say the men posed as delivery workers to get to victims’ homes, then forced their way in or confronted victims while armed. Once inside, they allegedly restrained people with zip ties or duct tape and demanded access to phones, accounts, and crypto credentials. This was not about stealing a laptop and hoping for the best — it was about forcing a live transfer while the victim was standing there. (justice.gov) ### Why dress as delivery workers? Because it lowers the victim’s guard. A stranger at the door is suspicious. A stranger holding a package is normal. That disguise matters because crypto theft gets much easier if attackers can get physically close to the person who controls the wallet, the phone, and the authentication steps. In this case, prosecutors say the disguise helped the suspects gain access to residences before the violence started. (justice.gov) ### What happened in the $6.5 million case? One victim was allegedly forced at gunpoint to sign into crypto accounts so a co-conspirator could transfer about $6.5 million in digital assets to a wallet controlled by the group. That detail is the center of gravity here. It turns the story from “violent robbery” into something more specific — a coercion attack on self-custodied wealth, where the person becomes the security vulnerability. (justice.gov) ### Is this a hack? Not really. People in crypto sometimes call this a “wrench attack” — meaning the attacker skips the code-breaking and goes straight to the human being with the password. Basically, if someone can force you to unlock your phone, open your wallet app, or approve a transfer, strong cryptography does not help much in that moment. The blockchain part is almost beside the point. The weak link is physical safety. (justice.gov) ### Why target crypto owners specifically? Crypto can be moved fast, across borders, and without the same reversal tools that exist in traditional banking. If a victim controls the assets directly, there may be no fraud department to freeze the transfer after the fact. That makes known crypto holders unusually attractive targets for robbery crews willing to use violence. The indictment suggests prosecutors believe the suspects chose victims precisely because they expected large digital holdings. (cointelegraph.com) ### What are the charges and stakes now? The defendants were indicted on conspiracy to commit Hobbs Act robbery, conspiracy to commit kidnapping, attempted Hobbs Act robbery, and attempted kidnapping. Those are serious federal charges, and some counts can carry extremely heavy penalties if the men are convicted. For prosecutors, the point is bigger than one case — they are signaling that crypto crime is no longer just a cybercrime beat. It is also a violent-crime beat. (justice.gov) ### Bottom line The important shift is this: the attackers allegedly did not defeat the technology. They went after the people holding it. That is the part of crypto security that hardware wallets, seed phrases, and two-factor prompts do not solve on their own. (justice.gov)