Everyone would know it and the attestation key would be obsolete. New wallets will be made with another key, and for old wallets users already know they are genuine anyway.

Hopefully the attestation (root) key is itself stored in secure hardware (i.e. an HSM or similar) that can't be reprogrammed unilaterally, even by a privileged actor.

Obligatory $5 wrench xkcd: https://xkcd.com/538/

Still, physically threatening/kidnapping somebody is an entirely different threat model, although it's very common in the Bitcoin world: https://github.com/jlopp/physical-bitcoin-attacks

This is not specific to Bitcoin though.

In Latin America there are “Flash/lightening kidnappings” where they take a person hostage and drain their bank account over a period of time.

They can’t take a bank hostage and drain all of it’s customers funds though.

This was solved technically with the invention multisig wallets.

Whether the custodians choose to support them or not is another matter.