The post Bitrefill Hack: Lazarus Group Suspected in Major Crypto Cyberattack 18,500 Users Affected appeared first on Coinpedia Fintech News
Crypto payments platform Bitrefill has confirmed a major cyberattack on March 1, 2026, with signs pointing to the North Korea-linked Lazarus Group. The Bitrefill attack exposed internal systems, drained crypto wallets, and accessed around 18,500 user records. Let’s understand how the Bitrefill hack happened and whether user data is safe.
How the Bitrefill Hack Happened?
The Bitrefill hack began in a simple but most dangerous manner, through a compromised employee’s laptop. In an X post, Bitrefill said Hackers managed to steal old login credentials, which gave them access to internal systems.Â
Stolen login details helped attackers enter internal systems and move deeper into the company’s infrastructure.
From there, they accessed parts of the database and crypto hot wallets, allowing them to transfer funds to external addresses.
As the attack happened, the company first noticed unusual activity when attackers started misusing its gift card system. At the same time, funds were being moved from hot wallets.
Once detected, Bitrefill quickly took all systems offline to stop further damage and secure its platform.
18,500 User Records Exposed
Bitrefill confirmed that about 18,500 purchase records were accessed. This data included email IDs, crypto wallet addresses, and technical details such as IP addresses.Â
In around 1,000 cases, customer names may also have been exposed. The company said this data was encrypted but still treated as potentially compromised.
Despite the breach, Bitrefill said it stores very little personal data and does not require full KYC. Any sensitive user data is kept with external providers, not on its own systems.
Lazarus Group Suspected of Being Behind This Attack
Following the attack pattern, Bitrefill said the incident shows strong similarities to past attacks linked to the North Korea state-sponsored Lazarus Group.
These similarities include malware patterns, reused systems, and on-chain fund movements.
Bitrefill Began an Investigation Following The Hack
Further, in a post, Bitrefill said it began working with cybersecurity experts, blockchain analysts, and law enforcement to investigate the breach.
The company is now improving its system by adding stronger controls, more robust monitoring, and faster response plans.
For users, Bitrefill said there is no need for immediate action but advised staying alert for phishing emails or suspicious messages.
 The post Bitrefill Hack: Lazarus Group Suspected in Major Crypto Cyberattack 18,500 Users Affected appeared first on Coinpedia Fintech News
Crypto payments platform Bitrefill has confirmed a major cyberattack on March 1, 2026, with signs pointing to the North Korea-linked Lazarus Group. The Bitrefill attack exposed internal systems, drained crypto wallets, and accessed around 18,500 user records. Let’s understand how the Bitrefill hack happened and whether user data is safe. How the Bitrefill Hack Happened? …Â
This articles is written by : Nermeen Nabil Khear Abdelmalak
All rights reserved to : USAGOLDMIES . www.usagoldmines.com
You can Enjoy surfing our website categories and read more content in many fields you may like .
Why USAGoldMines ?
USAGoldMines is a comprehensive website offering the latest in financial, crypto, and technical news. With specialized sections for each category, it provides readers with up-to-date market insights, investment trends, and technological advancements, making it a valuable resource for investors and enthusiasts in the fast-paced financial world.