Crypto E-Commerce Platform Bitrefill’s Funds Drained In North Korean Cyberattack
Bitrefill, a Swedish crypto e-commerce platform, disclosed a cyberattack on March 1, 2026, attributed to North Korean hackers linked to the Lazarus group. The breach began with a compromised employee laptop, allowing attackers to access sensitive data, including production secrets. Suspicious purchasing patterns led to the discovery that hot wallets were drained, with funds redirected to attacker-controlled addresses. Approximately 18,500 purchase records were exposed, containing limited user data such as email addresses, crypto payment addresses, and IPs. For about 1,000 purchases, encrypted names may have been accessed. Bitrefill is enhancing cybersecurity through external reviews, tighter access controls, and improved monitoring. The company stated it remains well-funded and will cover losses from operational capital.
bitcoinist03/18 05:02
