Crypto e-commerce platform Bitrefill said it was the target of a cyberattack earlier this month that resulted in stolen funds and limited exposure of customer data, with indicators pointing to the North Korean-linked Lazarus Group as a likely perpetrator.

The breach, which began on March 1, originated from a compromised employee laptop, according to the company’s incident report. 

Attackers were able to extract legacy credentials tied to production systems, allowing them to escalate access across Bitrefill’s infrastructure, including segments of its internal database and certain cryptocurrency hot wallets.

Bitrefill said the attackers drained an undisclosed amount of…

Read more on BitcoinMagazine