San Francisco Crypto Heist: $11M Vanishes in Elaborate Fake Delivery Driver Scheme

Another day, another crypto crime—but this one's got more layers than your average blockchain.

The Perfect Disguise

A brazen thief posing as a delivery driver just pulled off one of San Francisco's largest crypto thefts, walking away with $11 million in digital assets. The heist unfolded with precision timing and social engineering that would make Hollywood scriptwriters jealous.

Security Theater Exposed

Physical security measures crumbled faster than a shitcoin's value during a market correction. The perpetrator bypassed multiple checkpoints using nothing more than a uniform and convincing backstory—proving once again that the weakest link in crypto security isn't the code, it's the humans.

The Aftermath

Investigators are scrambling to trace the stolen funds across blockchain ledgers, while the victim—who probably thought their cold storage was safer than traditional banks—learns the hard way that crypto's decentralization doesn't protect against old-fashioned cons.

Just remember: in crypto, sometimes the biggest risks aren't market volatility or regulatory crackdowns—they're people showing up at your door with fake packages and very real intentions. Maybe keep your millions somewhere less... deliverable.

How the robbery unfolded

According to a local report, the suspect approached the victim’s home on Dorland Street carrying a WHITE box and wearing dark clothes, gloves, a hoodie, and sunglasses.

Home security footage posted by Y Combinator CEO Garry Tan shows the masked attacker buzzing the home and asking for “Joshua,” claiming he had a package requiring a signature.

After the victim opened the door, the suspect continued the courier act, asking for a pen. Once the homeowner stepped back inside to look for one, the intruder followed him into the house.

Moments later, a loud bang was heard off-camera. Police say the suspect then drew a gun, bound the victim with duct tape, and stole his phone, laptop, and access to his crypto wallet before fleeing.

Officers arrived around 6:45 p.m. and found the victim with non-life-threatening injuries. No arrests have been made so far.

A growing wave of physical crypto attacks

Security experts say this attack mirrors a rise in physical crypto robberies worldwide. Jameson Lopp, Co-Founder of crypto security firm Casa, has documented 61 verified physical attacks on crypto holders so far in 2025, a sharp jump from 38 cases in 2024. Many involved disguises or forced entry tactics.

A similar case in the UK earlier this month saw attackers pose as delivery persons before stealing $4.3 million in crypto at machete-point. Investigators later found surveillance photos showing the suspects studying the victim’s home.

1/2 In June 2024 a victim was brutally robbed for $4.3M+ of crypto assets at gunpoint via home invasion in the UK after the attackers posed as delivery drivers.

I am proud to share that Faris & his two other accomplices were just sentenced and nearly the full amount of stolen… pic.twitter.com/raTUVdog4y

Why the crime matters

Cybercrime specialist David Sehyeon Baek said that recovering stolen crypto remains extremely difficult. Even when police track devices or try to freeze exchange funds in the first 72 hours, attackers usually MOVE assets within minutes using mixers (tools used to obscure the transaction trail on the blockchain) or private wallets. “Catching perpetrators is easier than retrieving assets,” Baek said.

The San Francisco incident has sparked renewed debate over self-custody dangers. Tan noted on X that long-term vault storage on regulated platforms may offer safer protection.

Meanwhile, the police are continuing to investigate and urging residents with camera footage from the area to come forward with any information they may have.

Also Read: GANA Payment Hit by $3.1M Exploit as Hacker Uses Tornado Cash