Crypto e-commerce firm Bitrefill discloses cyberattack, names North Korea’s Lazarus Group as potential suspect
Bitrefill said attackers accessed 18,500 purchase records, potentially revealing “limited customer information."
Crypto e-commerce platform Bitrefill has disclosed a cyberattack that compromised customer data, with the company identifying North Korea's notorious Lazarus Group as a potential suspect. The breach affected approximately 18,500 purchase records, potentially exposing what Bitrefill described as "limited customer information." The company has not specified the exact nature of the compromised data or when the attack occurred.
The Lazarus Group has been linked to numerous high-profile cryptocurrency thefts and cyberattacks targeting financial institutions worldwide. The North Korean state-sponsored hacking group has been responsible for billions of dollars in stolen digital assets, including attacks on major exchanges and DeFi protocols. Bitrefill operates as a platform allowing users to purchase gift cards and mobile top-ups using cryptocurrency, making it an attractive target for cybercriminals seeking to exploit crypto-related services.
This incident highlights the ongoing security challenges facing cryptocurrency businesses, particularly as state-sponsored threat actors increasingly target the digital asset ecosystem. The breach adds to growing concerns about the vulnerability of crypto infrastructure to sophisticated cyberattacks, potentially impacting user confidence in crypto-commerce platforms.
Industry observers will likely monitor whether other crypto e-commerce platforms implement enhanced security measures in response to this attack, and whether regulatory authorities increase scrutiny of cybersecurity practices within the cryptocurrency sector.
Source: The Block