Crypto e-commerce retailer Bitrefill has revealed it was the sufferer of a cybersecurity assault on March 1, with the strategies used intently resembling these of Lazarus Group, North Korea’s infamous hacking group.
In a submit to X on Tuesday, Bitrefill stated the hackers used malware, on-chain tracing, and reused IP and e-mail infrastructure to compromise an worker’s laptop computer, enabling them to empty funds from the corporate’s scorching wallets whereas additionally accessing 18,500 buy information, probably revealing “restricted buyer info.”
Bitrefill stated BlueNoroff Group, one other North Korean hacking group with shut ties to the Lazarus Group, might have additionally been concerned or been the only real attacker.
Supply: Bitrefill
Bitrefill, which allows clients to spend crypto on real-world merchandise and reward playing cards, stated there was no proof that the hackers extracted its database, suggesting the motive was monetary.
“There isn’t any proof that they extracted our whole database, solely that the attackers ran a restricted variety of queries according to probing to know what there was to steal, together with cryptocurrency and Bitrefill reward card stock.”
Whereas Bitrefill didn’t disclose how a lot funds had been stolen, the corporate stated it “will take up” these losses from its operational capital.
“Nearly every thing is again to regular: funds, inventory, accounts,” Bitrefill stated, including: “Gross sales volumes are additionally again to regular, and we’re eternally grateful to our clients in your continued confidence in us.”
Regardless of many crypto platforms strengthening safety measures in recent times, refined hackers have continued to seek out methods to breach their defenses.
Associated: Bonk.enjoyable warns hackers hijacked area in wallet-drainer assault
Lazarus Group stays the crypto trade’s most formidable risk and was behind the biggest hack in crypto historical past, when it stole $1.4 billion from crypto change Bybit in February 2025.
Bitrefill has upped its safety measures
Bitrefill stated it contacted legislation enforcement and labored with crypto safety companies Safety Alliance, FearsOff Safety, Recoveris.io and zeroShadow to navigate the cybersecurity incident. A part of its preliminary response was to show its programs offline to comprise the assault.
Bitrefill stated it has already “considerably improved” its cybersecurity practices because the incident.
These measures embody cybersecurity critiques with safety researchers and implementing their suggestions, tightening inside entry controls and enhancing monitoring methods for sooner detection and response.
Journal: China’s ‘50x’ blockchain increase, Alibaba-linked AI mines Bitcoin: Asia Specific
