Bitrefill blames North Korea-linked Lazarus hacker group for compromising 18,500 purchase records
The post Bitrefill blames North Korea-linked Lazarus hacker group for compromising 18,500 purchase records appeared on BitcoinEthereumNews.com.
Cryptocurrency payments and gift card platform Bitrefill has blamed the North Korea-linked hacking group Lazarus for a cyberattack on March 1, 2026, that compromised parts of its infrastructure and cryptocurrency wallets. The attackers gained access to production keys, transferred funds from hot wallets, and exposed 18,500 purchase records containing emails, payment addresses, and IP addresses. Approximately 1,000 records included encrypted usernames. Affected users were notified. Operations have resumed, and the company has announced that it will cover losses from operational capital. The incident underscores the importance of vigilance regarding crypto and on-chain security.

The modus operandi, which included malware, on-chain tracing, and reused IP and email addresses, was similar to previous attacks attributed to North Korea’s Lazarus Group, also known as Bluenoroff, the company said in a detailed report on X. The Lazarus Group has previously targeted crypto projects including Ronin Network, Harmony’s Horizon Bridge, WazirX, and Atomic Wallet.

How the attack unfolded

It all began with a compromised employee laptop, which exposed legacy credentials and allowed attackers to access Bitrefill’s broader infrastructure, including parts of its database and cryptocurrency wallets. The breach quickly became apparent when the company noticed unusual purchasing patterns among certain suppliers, signaling that attackers were exploiting its gift card inventory and supply chains. The firm also noted that attackers were draining some hot wallets and moving funds to their own addresses, after which the system was taken offline to contain the damage.

“Bitrefill operates a global e-commerce business with dozens of suppliers, thousands of products, and multiple payment methods across many countries. Safely switching all these things off and bringing them back online is not trivial,” the company said in a statement.
Since the incident, Bitrefill has been working with security researchers, incident response teams, on-chain analysts, and law enforcement to investigate the breach.

Customer data impact…
Filed under: News - @ March 18, 2026 7:30 am