In March 2026, North Korea’s BlueNoroff group breached Bitrefill, a cryptocurrency gift card platform, via a compromised employee laptop. Attackers moved laterally to production secrets and hot wallets, exposing approximately 18,500 customer purchase records and draining select wallets. Bitrefill reports minimal net financial losses, but the incident confirms DPRK threat actors are actively targeting crypto-sector platforms for currency generation using credential theft rather than novel exploits.