todayonchain.com

Crypto e-commerce firm Bitrefill discloses cyberattack, names North Korea’s Lazarus Group as potential suspect

The Block
Bitrefill, a crypto e-commerce firm, suffered a cyberattack potentially linked to North Korea’s Lazarus Group, resulting in drained hot wallets and compromised customer data.

Summary

Bitrefill, a cryptocurrency e-commerce and gift card business, announced it was the victim of a cyberattack earlier this month, strongly suspecting the involvement of the North Korean state-sponsored hacking group, Lazarus Group, and its Bluenoroff subgroup. The attack, which began on March 1, allowed hackers to drain funds from the company’s hot wallets and make suspicious purchases. Approximately 18,500 purchase records were accessed, potentially exposing limited customer information like email addresses and crypto payment addresses. While the financial losses are currently unclear, Bitrefill stated it will cover them from its operational capital. The company believes the attack originated from a compromised employee laptop, a common tactic used by Lazarus Group. Bitrefill emphasized that it does not store mandatory KYC data internally, and there is no evidence of a full database extraction, but attackers did probe for cryptocurrency and gift card inventory. Systems have been restored, and sales volumes have returned to normal.

(Source: The Block)