Bitrefill Cyberattack Exposes 18,500 Records, Lazarus Group Suspected

TheNewsCryptoОпубликовано 2026-03-18Обновлено 2026-03-18

Введение

Bitrefill, a cryptocurrency payment platform, was targeted by a cyberattack attributed to the North Korea-linked Lazarus Group on March 1, 2026. The breach, which began with a compromised employee laptop, exposed approximately 18,500 customer purchase records, including email addresses, crypto payment addresses, and IP data. The attackers primarily focused on moving funds from hot wallets and exploiting the gift card system, rather than stealing full customer data. Bitrefill quickly detected the unusual activity, shut down systems to prevent further damage, and has committed to covering all losses with its own funds. The company has since enhanced security measures, including stronger access controls and improved monitoring, and confirmed that most services are back to normal. This was Bitrefill's first major security breach in over a decade.

Bitrefill, a cryptocurrency payment platform, reported that it was the target of a cyberattack on March 1, 2026, and it attributed the attack to the Lazarus Group, a hacker collective associated with North Korea. The attack exposed about 18,500 customer purchase records and impacted several aspects of Bitrefill’s systems, including its cryptocurrency wallets.

How this Breach Happened

According to the firm, the breach began with the compromised employee’s laptop. In this case, the hackers were able to enter Bitrefill’s infrastructure and access production keys by moving funds from the hot wallet to exploit its gift card system. The company noticed unusual activity and quickly shut down systems to stop further damage.

The attacker accessed about 18,500 purchase records, which include email addresses, crypto payment addresses, and IP address data. The firm says that the hackers did not try to steal full customer data, and their main focus was on the crypto funds and the gift cards.

Bitrefill confirmed that it will cover all losses using its own funds. The company said it remains financially stable and that most services, including payments and accounts, are now back to normal.

Bitrefill has taken steps to improve security by providing stronger access control, better monitoring systems, external security testing, and faster response systems for future attacks. Additionally, it collaborates with blockchain analysts and security experts. According to Bitrefill, the hack was the company’s first significant security breach in more than ten years. Despite the attack’s damage, the business swiftly responded and resumed operations.

Highlighted Crypto News:

SEC and CFTC Introduce Crypto Classification Framework

TagsBitrefillCryptocurrency

Связанные с этим вопросы

QWhat company was targeted in the cyberattack and who is suspected to be behind it?

ABitrefill, a cryptocurrency payment platform, was targeted, and the attack is attributed to the Lazarus Group, a hacker collective associated with North Korea.

QHow many customer records were exposed in the Bitrefill breach?

AApproximately 18,500 customer purchase records were exposed.

QWhat type of information was accessed in the compromised purchase records?

AThe accessed information includes email addresses, crypto payment addresses, and IP address data.

QHow did the attackers initially gain access to Bitrefill's systems?

AThe breach began with a compromised employee's laptop, which allowed the hackers to enter the infrastructure and access production keys.

QWhat steps has Bitrefill taken to improve its security following the attack?

ABitrefill has implemented stronger access control, better monitoring systems, external security testing, and faster response systems. It is also collaborating with blockchain analysts and security experts.

Похожее

How to View the Divergence Between Gold and Oil Prices?

The article analyzes the divergence between gold and oil prices following the outbreak of the U.S.-Iran war. While oil prices surged significantly, gold experienced a decline, contrary to expectations given its traditional role as a safe-haven asset during geopolitical crises. Gold serves three primary hedging functions: against geopolitical risk, inflation risk, and U.S. dollar risk. Since late 2023, gold had been in a strong bull market, rising from $1,800 to over $5,000, driven by simultaneous geopolitical tensions (e.g., Russia-Ukraine war, Middle East conflicts), inflationary pressures, and a weakening dollar due to the Fed's premature rate cuts. However, after the U.S. "decapitation" strike on Iran, gold prices fell sharply. This was attributed to two main factors: a shift of capital from gold to oil, as investors repositioned portfolios to capitalize on rising oil prices, and a liquidity crisis in U.S. financial markets that forced large-scale sell-offs of gold—a highly liquid asset—to meet redemption demands. More critically, growing pessimism about a prolonged U.S.-Iran conflict raised fears of sustained high oil prices, potential global economic disruption, and a possible reversal of Fed monetary policy (delayed cuts or even renewed hikes). This expectation of tighter policy caused gold’s dollar-related hedging function to reverse, overwhelming its geopolitical and inflation hedging roles and leading to a severe correction. Oil prices also experienced volatility. They initially spiked to nearly $120 per barrel post-strike, then fell by 30% on Trump’s hints of a quick resolution, but rebounded as market expectations corrected when the conflict persisted and the Strait of Hormuz remained threatened. The outlook for both commodities depends on the evolution of the U.S.-Iran conflict. If it becomes a prolonged war like Ukraine, gold may lack short-term value as monetary fears prevail, while oil and energy assets may benefit. A critical factor will be whether the Strait of Hormuz is reopened, which hinges on geopolitical decisions ahead.

marsbit31 мин. назад

How to View the Divergence Between Gold and Oil Prices?

marsbit31 мин. назад

The Stablecoin Yield Debate: How It's Stalling U.S. Crypto Regulatory Legislation?

The debate over stablecoin yields has become a central obstacle to U.S. cryptocurrency regulatory legislation, stalling the Senate’s proposed CLARITY Act. The conflict centers on whether dollar-pegged stablecoins should function solely as payment tools or also offer yield-bearing features that compete with traditional bank deposits and money market funds. Banks argue that yield offerings could drain deposits—potentially up to $500 billion by 2028—undermining their lending capacity and harming local economies. They are pushing Congress to explicitly prohibit such returns. In contrast, crypto firms contend that limited incentives could help digital dollars compete with traditional payment systems and drive mainstream adoption. A Congressional Research Service report highlighted legal ambiguities in the earlier GENIUS bill, which banned direct issuer-yield payments but left room for intermediaries to distribute benefits. This regulatory gap has intensified the legislative standoff. With political deadlines tightening ahead of elections, the window for passing the bill is narrow—likely closing by late April or early May. If Congress fails to act, regulators may impose rules independently, such as the OCC’s proposed restrictions on indirect yield mechanisms. The outcome will shape not only the future of stablecoin yields but also broader crypto market structure, including asset classification and regulatory clarity. Failure could delay legal certainty, forcing the industry to rely on organic adoption rather than legislative support.

marsbit44 мин. назад

The Stablecoin Yield Debate: How It's Stalling U.S. Crypto Regulatory Legislation?

marsbit44 мин. назад

WLFI shows strength amid broader market sell-off: But is it a trap?

The crypto market, including Bitcoin, faced a sharp sell-off following comments from former U.S. President Donald Trump, with BTC dropping below $68k. Despite the downturn, World Liberty Financial (WLFI) showed relative strength, gaining 2% while Bitcoin fell over 3%. However, the longer-term trend for WLFI remains bearish. A key support zone of $0.095-$0.10 was breached, and it is now acting as resistance. Volume indicators like OBV, A/D, and CMF suggest continued selling pressure and capital outflows. Although a short-term bounce above $0.10 is possible if Bitcoin recovers, WLFI’s bearish structure persists. A break above $0.107 is needed to turn the trend bullish. Traders are advised to maintain a cautious or bearish bias.

ambcrypto50 мин. назад

WLFI shows strength amid broader market sell-off: But is it a trap?

ambcrypto50 мин. назад

Funding Weekly Report | 11 Public Funding Events, Prediction Market Platform Kalshi Completes New Round of Over $1 Billion Funding, Valuation Reaches $22 Billion

Last week (March 16-22) saw 11 blockchain funding rounds totaling over $1.086 billion. Key deals include prediction market platform Kalshi raising over $1 billion at a $22 billion valuation, led by Coatue. In AI x Web3, Gency AI secured $20 million from investors including TikTok to expand its decentralized ad network, while Derivio raised $6 million for its AI-native trading platform. In DeFi, Ironlight Group raised $21 million to expand its compliant tokenized securities infrastructure. Infrastructure player Uniblock raised $5.2 million. In CeFi, stablecoin payment platforms TransFi and Dtcpay raised $19.2 million and $10 million, respectively. Republic also received a strategic investment from Hamilton Lane, bringing its total funding to $202 million.

marsbit1 ч. назад

Funding Weekly Report | 11 Public Funding Events, Prediction Market Platform Kalshi Completes New Round of Over $1 Billion Funding, Valuation Reaches $22 Billion

marsbit1 ч. назад

10 Cold Takes on WeChat's Integration of OpenClaw

WeChat's recent integration of OpenClaw as a plugin has sparked discussions, but its immediate impact may be overestimated. The feature allows users to connect their existing OpenClaw agents to WeChat via a simple setup, but it comes with limitations: no group chat support, no streaming output, and no multi-agent connections. The move is seen as a necessary, though delayed, step rather than a groundbreaking change. WeChat’s approach is elegant—acting as a platform rather than building its own agent, thus supporting various OpenClaw-compatible models. However, the integration doesn’t lower the barrier to effectively using AI agents; it only simplifies access. The real challenge remains in configuring and leveraging agents meaningfully. Long-term, this signals WeChat’s shift from connecting people to also connecting humans and AIs, paving the way for future native AI-agent integrations within WeChat’s ecosystem. But for now, it’s a cautious, incremental update—typical of WeChat’s product philosophy.

marsbit1 ч. назад

10 Cold Takes on WeChat's Integration of OpenClaw

marsbit1 ч. назад

Торговля

Спот
Фьючерсы
活动图片

Популярные категорииright-arrow

Популярные тегиright-arrow