A single compromised laptop served as the gateway for one of the most notorious hacking collectives to infiltrate Bitrefill, a prominent crypto-to-gift-card platform.
The company recently confirmed that it fell victim to an intrusion on 1 March 2026, pointing the finger at the North Korean-linked Lazarus Group, also known as Bluenoroff.
This is the same entity behind the staggering $1 billion theft from Bybit early last year.
The attackers did not just stumble into the system; they meticulously exploited a legacy credential found within a system snapshot to escalate their access, eventually reaching the heart of the company’s production secrets and several cryptocurrency hot wallets.
The breach began quietly when an employee's device was infected with malware.
Once the hackers secured their initial foothold, they moved laterally through Bitrefill's infrastructure.
The company’s security team only realized something was wrong when they spotted "suspicious purchasing patterns" involving their gift card suppliers.
While the attackers were busy exploiting inventory and supply lines, they were simultaneously draining hot wallets.
In a decisive move to stop the bleeding, Bitrefill pulled the plug on its entire global network.
Because the e-commerce giant manages thousands of products and dozens of suppliers, the cleanup and rebooting process was a massive undertaking that kept services offline for over two weeks.
While Bitrefill has not disclosed the exact dollar value of the digital assets lost, it confirmed that the financial hit would be absorbed by the company’s own operational capital.
The firm was quick to reassure its user base that all individual account balances remain safe and unaffected.
Interestingly, the hackers seemed less interested in a mass data haul and more focused on immediate liquid assets.
According to the company's logs, “based on our investigation and logs, we don’t have reason to think that customer data was the objective.”
Instead, the intruders performed limited queries, appearing to hunt for high-value targets like crypto holdings and gift card stock.
Despite the focus on funds, the breach did expose some customer information.
Approximately 18,500 purchase records were accessed, which included email addresses, crypto payment addresses, and IP metadata.
A smaller group of about 1,000 customers who provided names for specific products saw their data potentially compromised.
Although these names were encrypted, Bitrefill warned that the hackers might have obtained the encryption keys.
The company has already reached out to those affected.
Fortunately, Bitrefill’s lean data policy acted as a natural defense.
They do not require mandatory KYC for most users, and any sensitive identity documents are stored with a third-party provider, keeping them out of reach of the internal servers that were hit.
The evidence pointing to North Korea is substantial.
Bitrefill worked alongside security heavyweights like Zeroshadow and SEAL Org to trace the stolen funds on the blockchain and conduct forensic analysis.
The investigation uncovered malware signatures, reused IP addresses, and email accounts previously tied to DPRK operations.
This attack follows a grim trend in the industry, where North Korean hackers were reportedly responsible for over $2 billion in crypto thefts in 2025 alone.
To prevent a repeat performance, Bitrefill has overhauled its internal access controls and automated its incident response, ensuring that a single compromised device can no longer jeopardize the entire network.
The U.S. Supreme Court has refused to hear a case brought by Stephen Thaler on whether art made only by AI can be protected by copyright in the United States. The U.S. Copyright Office had already rejected the work because it had no human creator, and the courts have now left that rule unchanged.
WeatherlyThe Bank of Japan is testing how central bank deposits could be used for settlements on blockchain systems through a controlled sandbox project. Governor Kazuo Ueda said the trials will explore connections with existing payment systems and potential uses like interbank and securities settlement.
AnaisEric Halem, a former LAPD officer, was convicted of kidnapping and stealing $350,000 in bitcoin from a 17-year-old after posing as police to enter his apartment. He will be sentenced on 31 March, while his co‑defendants have not yet stood trial.
WeatherlyVitalik Buterin said Ethereum cannot fix the world’s problems and should not try to act like a political power, even though financial freedom remains important. Instead, he urged the network to focus on building open tools that protect privacy, support coordination and reduce the risk of any single authority gaining total control.
AnaisX will suspend creators from its revenue-sharing programme for 90 days if they post AI-generated videos of armed conflict without marking them as AI-made. Repeat violations will lead to permanent removal, as the platform aims to stop misleading content and protect authentic information during war.
WeatherlyAmerican Bitcoin Corp has bought 11,298 new mining machines, raising its capacity by about 12% to 28.1 EH/s, with the equipment being installed in Alberta this month. At the same time, rivals MARA Holdings and Core Scientific are selling Bitcoin and shifting their operations towards AI data centres instead.
AnaisOpenAI is developing its own code-hosting platform after GitHub faced repeated outages that disrupted its work. The new platform may be offered as a paid service, putting OpenAI in direct competition with Microsoft.
WeatherlyAustralia’s regulator ASIC has granted AUDC Pty Ltd a full licence to operate the AUDD stablecoin, allowing banks and businesses to use it legally for digital transactions on the XRP Ledger and other blockchains. The stablecoin is fully backed by Australian dollars in trust accounts, making it an institutional-grade payment option with clear regulatory approval.
AnaisJensen Huang said Nvidia’s US$30 billion investment in OpenAI is likely its last big one, because OpenAI plans to go public later this year. He also said the earlier US$100 billion plan is off the table and Nvidia’s US$10 billion investment in Anthropic will probably be its final one.
WeatherlyLamborghini dealerships in New Jersey and California are now accepting Bitcoin, Ethereum, and other cryptocurrencies for car purchases, using BitPay to convert payments instantly into U.S. dollars. This removes the risk of crypto price swings, letting buyers spend digital assets while dealerships receive a fixed dollar amount.
Anais