Crypto e-commerce retailer Bitrefill has revealed it was the victim of a cybersecurity attack on March 1, with the methods used closely resembling those of Lazarus Group, North Korea’s notorious hacking group.
In a post to X on Tuesday, Bitrefill said the hackers used malware, on-chain tracing, and reused IP and email infrastructure to compromise an employee’s laptop, enabling them to drain funds from the company’s hot wallets while also accessing 18,500 purchase records, potentially revealing “limited customer information.”
Bitrefill said BlueNoroff Group, another North Korean hacking group with close ties to the Lazarus Group, may have also been involved or been the sole attacker.

Bitrefill, which allows customers to spend crypto on real-world products and gift cards, said there was no evidence that the hackers extracted its database, suggesting the motive was financial.
“There is no evidence that they extracted our entire database, only that the attackers ran a limited number of queries consistent with probing to understand what there was to steal, including cryptocurrency and Bitrefill gift card inventory.”
While Bitrefill didn’t disclose how much had been stolen, the company said it “will absorb” these losses from its operational capital.
“Nearly everything is back to normal: funds, inventory, accounts,” Bitrefill said, adding: “Sales volumes are also back to normal, and we’re eternally grateful to our customers for your continued confidence in us.”
Despite many crypto platforms strengthening security measures in recent years, sophisticated hackers have continued to find ways to breach their defenses.
Lazarus Group remains the crypto industry’s most formidable threat and was behind the biggest hack in crypto history, when it stole $1.4 billion from crypto exchange Bybit in February 2025.
Bitrefill has upped its security measures
Bitrefill said it contacted law enforcement and worked with crypto security firms Security Alliance, FearsOff Security, Recoveris.io and zeroShadow to navigate the cybersecurity incident. Part of its initial response was to turn its systems offline to contain the attack.
Bitrefill said it has already “considerably improved” its cybersecurity practices since the incident.
These measures include cybersecurity reviews with security researchers and implementing their recommendations, tightening internal access controls and improving monitoring systems for faster detection and response.
