Bitrefill Cyberattack Exposes 18,500 Records, Lazarus Group Suspected

TheNewsCryptoPublished on 2026-03-18Last updated on 2026-03-18

Abstract

Bitrefill, a cryptocurrency payment platform, was targeted by a cyberattack attributed to the North Korea-linked Lazarus Group on March 1, 2026. The breach, which began with a compromised employee laptop, exposed approximately 18,500 customer purchase records, including email addresses, crypto payment addresses, and IP data. The attackers primarily focused on moving funds from hot wallets and exploiting the gift card system, rather than stealing full customer data. Bitrefill quickly detected the unusual activity, shut down systems to prevent further damage, and has committed to covering all losses with its own funds. The company has since enhanced security measures, including stronger access controls and improved monitoring, and confirmed that most services are back to normal. This was Bitrefill's first major security breach in over a decade.

Bitrefill, a cryptocurrency payment platform, reported that it was the target of a cyberattack on March 1, 2026, and it attributed the attack to the Lazarus Group, a hacker collective associated with North Korea. The attack exposed about 18,500 customer purchase records and impacted several aspects of Bitrefill’s systems, including its cryptocurrency wallets.

How this Breach Happened

According to the firm, the breach began with the compromised employee’s laptop. In this case, the hackers were able to enter Bitrefill’s infrastructure and access production keys by moving funds from the hot wallet to exploit its gift card system. The company noticed unusual activity and quickly shut down systems to stop further damage.

The attacker accessed about 18,500 purchase records, which include email addresses, crypto payment addresses, and IP address data. The firm says that the hackers did not try to steal full customer data, and their main focus was on the crypto funds and the gift cards.

Bitrefill confirmed that it will cover all losses using its own funds. The company said it remains financially stable and that most services, including payments and accounts, are now back to normal.

Bitrefill has taken steps to improve security by providing stronger access control, better monitoring systems, external security testing, and faster response systems for future attacks. Additionally, it collaborates with blockchain analysts and security experts. According to Bitrefill, the hack was the company’s first significant security breach in more than ten years. Despite the attack’s damage, the business swiftly responded and resumed operations.

Highlighted Crypto News:

SEC and CFTC Introduce Crypto Classification Framework

TagsBitrefillCryptocurrency

Related Questions

QWhat company was targeted in the cyberattack and who is suspected to be behind it?

ABitrefill, a cryptocurrency payment platform, was targeted, and the attack is attributed to the Lazarus Group, a hacker collective associated with North Korea.

QHow many customer records were exposed in the Bitrefill breach?

AApproximately 18,500 customer purchase records were exposed.

QWhat type of information was accessed in the compromised purchase records?

AThe accessed information includes email addresses, crypto payment addresses, and IP address data.

QHow did the attackers initially gain access to Bitrefill's systems?

AThe breach began with a compromised employee's laptop, which allowed the hackers to enter the infrastructure and access production keys.

QWhat steps has Bitrefill taken to improve its security following the attack?

ABitrefill has implemented stronger access control, better monitoring systems, external security testing, and faster response systems. It is also collaborating with blockchain analysts and security experts.

Related Reads

Countdown to Hormuz Begins | Rewire Morning News Brief

Summary: The countdown to a potential crisis in the Strait of Hormuz has begun as a US ultimatum to Iran is set to expire. Iran is sending mixed signals: its foreign minister claims the strait remains open, while its military threatens a complete closure if the US attacks its power plants. In response to the escalating tensions, the IEA has announced its largest-ever release of 400 million barrels from strategic oil reserves, but oil prices remain above $100 due to significant supply disruptions. The conflict is also impacting global tech infrastructure, with AWS data centers in the Middle East being attacked and helium supplies from Qatar—critical for semiconductor manufacturing—threatened. In AI news, Cursor admitted its new model is based on China's Moonshot AI, sparking a licensing dispute. Other notable updates include Morgan Stanley filing for a Bitcoin ETF, a major US Army contract for Anduril, and a significant drop in Bitcoin mining difficulty.

marsbit1h ago

Countdown to Hormuz Begins | Rewire Morning News Brief

marsbit1h ago

Hyperliquid drops below $40 as $3mln whale goes long – What’s next for HYPE?

Hyperliquid's HYPE token has been in a steep downtrend, falling 2.5% to $38.5 and struggling to hold above $40 after failing to break the $43.7 resistance. Despite reduced whale activity in futures over the past few days, a new whale recently entered the market with a $3 million long position on 80,000 HYPE using 10x leverage, signaling potential bullish expectations. However, market sentiment remains largely bearish, with $2.2 million in long liquidations in 24 hours and a Long/Short Ratio below 1. Technical indicators like the RSI at 58 and declining Aroon Up suggest weakening bullish momentum. If selling pressure continues, HYPE could drop toward $35, but a reversal is possible if whale activity attracts fresh capital.

ambcrypto1h ago

Hyperliquid drops below $40 as $3mln whale goes long – What’s next for HYPE?

ambcrypto1h ago

Crypto Industry Lays Off Hundreds in Weeks, Blaming Both AI and Bear Market

The cryptocurrency industry has seen a wave of layoffs in recent weeks, with companies including Algorand, Gemini, Crypto.com, OP Labs, and Messari cutting hundreds of jobs. Official reasons cited range from poor macroeconomic conditions and declining token prices to increased integration of AI to improve efficiency. However, industry observers suggest these layoffs are less about AI replacing human labor and more a result of broader sector consolidation. Key areas like restaking, DePIN, and Layer 2 solutions have significantly contracted, forcing companies into cost-cutting mode. New job postings in crypto have dropped by about 80% compared to last year, indicating a wider market slowdown. The reported layoffs likely represent only a fraction of the actual reductions, reminiscent of the larger downturn seen during the 2022 crypto winter.

marsbit1h ago

Crypto Industry Lays Off Hundreds in Weeks, Blaming Both AI and Bear Market

marsbit1h ago

What happened in crypto today: Hormuz tensions, oil prices impact the market

Trump’s 48-hour ultimatum over the Strait of Hormuz triggered a crypto market downturn, reinforcing Bitcoin’s role as a macro stress outlet. BTC swung between $68,265 and $71,051 before settling near $69,195, down 2.2%, with over $123 million in liquidations. Ethereum fell 2.1%, and the Fear and Greed Index dropped to 9, indicating rising fear. The sell-off spread to altcoins like XRP and SOL, with total market cap falling to $2.37 trillion. Bitcoin dominance rose to 58.2%, showing a defensive shift into BTC rather than altcoins. Spot Bitcoin ETFs saw $163 million in outflows on March 18, reversing prior inflows, though cumulative inflows remain above $56 billion. The market appears reactive, with fragile liquidity and no significant new capital entering.

ambcrypto2h ago

What happened in crypto today: Hormuz tensions, oil prices impact the market

ambcrypto2h ago

Middle East Conflict Rekindles Rate Hike Expectations, Gold Suffers Worst Sell-off in 43 Years

Gold suffered its worst weekly decline in 43 years, with spot prices falling for eight consecutive sessions—the longest losing streak since October 2023. Silver also plunged over 15%, while platinum and palladium followed lower. The sell-off was triggered by escalating Middle East conflicts, which drove up oil prices and reinforced expectations of Federal Reserve rate hikes rather than cuts. Market bets on a Fed hike by October rose to 50%, reducing the appeal of non-yielding gold amid higher real rate prospects. Technical indicators worsened, with RSI falling below 30, triggering stop-losses and self-reinforcing selling. Gold ETFs saw outflows for three straight weeks, losing over 60 tons. The situation echoes the 1983 crash when OPEC nations sold gold reserves to raise cash amid an oil price collapse. Despite a 4% year-to-date gain, macro conditions have deteriorated. Rising energy prices may reduce global GDP by 0.3% and lift inflation by 0.5-0.6%, increasing stagflation risks. Gold’s future trajectory hinges on real rates and geopolitical developments—further rate hike expectations could sustain pressure, while any de-escalation may revive safe-haven demand.

marsbit2h ago

Middle East Conflict Rekindles Rate Hike Expectations, Gold Suffers Worst Sell-off in 43 Years

marsbit2h ago

Trading

Spot
Futures
活动图片