Bitrefill Claims Lazarus Group Hacked Them, Stealing Funds



Crypto e-commerce retailer Bitrefill has revealed it was the victim of a cybersecurity attack on March 1, with the methods used closely resembling those of Lazarus Group, North Korea’s infamous hacking group.

In a post to X on Tuesday, Bitrefill said the hackers used malware, on-chain tracing, and reused IP and email infrastructure to compromise an employee’s laptop, enabling them to drain funds from the company’s hot wallets while also accessing 18,500 purchase records, potentially revealing “restricted buyer data.”

Bitrefill said BlueNoroff Group, another North Korean hacking group with close ties to the Lazarus Group, may have also been involved or been the sole attacker.


Source: Bitrefill

Bitrefill, which allows customers to spend crypto on real-world products and gift cards, said there was no evidence that the hackers extracted its database, suggesting the motive was financial.

“There isn’t any proof that they extracted our complete database, solely that the attackers ran a restricted variety of queries per probing to know what there was to steal, together with cryptocurrency and Bitrefill gift card stock.”

While Bitrefill did not disclose how much was stolen, the company said it “will soak up” these losses from its operational capital.

“Nearly everything is back to normal: funds, inventory, accounts,” Bitrefill said, adding: “Gross sales volumes are also back to normal, and we’re eternally grateful to our clients for your continued confidence in us.”