\n
![](\"https:\/\/media.crypto.news\/2025\/08\/crypto-news-hacker-breach-scam-option01.webp\")
<\/p>\n
\n<\/p>\n
The notorious Lazarus Group may have been behind a cyberattack on crypto e-commerce store Bitrefill, the firm estimates.<\/p>\n
\n Summary<\/span>\n <\/p>\n <\/p>\n Detailing the March 1 incident in a Tuesday X post<\/a>, the firm said the attackers used malware, on-chain tracing, and reused IP and email infrastructure to drain funds from its hot wallets after compromising an employee\u2019s laptop. Attackers also allegedly accessed around 18,500 purchase records, although this involved only \u201climited customer information.\u201d<\/p>\n \u201cWe find many similarities between this attack and past cyberattacks by the DPRK Lazarus \/ Bluenoroff group against other companies in the crypto industries,\u201d the firm wrote.<\/p>\n <\/p>\n Bitrefill is a crypto e-commerce platform that allows customers to spend digital assets on real-world products and gift cards. It added that the attackers were primarily financially motivated, as there was \u201cno evidence that they extracted our entire database.\u201d<\/p>\n \u201cThe attackers ran a limited number of queries consistent with probing to understand what there was to steal, including cryptocurrency and Bitrefill gift card inventory,\u201d it added.<\/p>\n Bitrefill did not disclose how much crypto was stolen but said it would absorb the losses from its operational capital.<\/p>\n \u201cWe have already significantly improved our cybersecurity practices, but vow to continue to draw learnings from this experience to make sure user and company balances and data remain maximally safe,\u201d Bitrefill said, adding that all operations were back to normal.<\/p>\n The company has since strengthened its security posture and has contacted law enforcement while working with security firms to investigate and respond to the incident.<\/p>\n Over the years, the Lazarus Group has been credited with some of the crypto industry\u2019s largest hacks<\/a>.<\/p>\n One of the biggest attacks involved crypto exchange Bybit, which lost around $1.4 billion last year. The group was also a suspected actor behind the hack of South Korean crypto exchange Upbit<\/a> and UK-registered trading platform Lykke<\/a>.<\/p>\n <\/p><\/div>\n\n\n
Lazarus group remains a major threat<\/h2>\n