North Korea-Linked Hackers Suspected in Bitrefill Breach
Bitrefill, a cryptocurrency platform, has been targeted in a cyberattack that has left its users concerned about their financial security. According to the company's investigation, the breach is suspected to be linked to North Korea's Lazarus/Bluenoroff group, which is known for sophisticated and persistent attacks on cryptocurrency platforms.
The attack occurred on March 1, when hackers gained access to Bitrefill's systems through an employee's compromised laptop. They extracted a legacy credential that allowed them to expand their access across the company's systems, reaching parts of the database and certain cryptocurrency wallets.
Bitrefill has confirmed that about 18,500 purchase records were accessed during the attack, including email addresses, cryptocurrency payment addresses, and metadata such as IP addresses. However, the company has assured its users that there is no indication that customer data was the main focus of the attack, and that it stores minimal personal data.
