Thomas

1.9K posts

@thomasbtc

Head of Customer Happiness @bitrefill | Helping everyone live on crypto | Love wine, Warriors, Niners, and Giants | De gustibus non est disputandum

Joined November 2012
2.2K Following · 658 Followers
Pinned Tweet
Thomas (@thomasbtc)
So good, it sounds like a scam...Bitrefill.
Rodde (@live_0n_crypt0)

Shoutout to @jasontheween for the mention on @TheICHpodcast! 🙌 For anyone wondering, @bitrefill has been around since 2014, helping people spend crypto on everyday things like gift cards, phone top-ups, eSims and more across 170+ countries. 11 years of making it easy to live on crypto. Would love to come on the show and break it all down 👀. DMs are open! ⚡

Thomas retweeted
Liquity (@LiquityProtocol)
BOLD can never be frozen or stopped. That's it, that's the tweet. Hold decentralized stablecoins.
ZachXBT (@zachxbt)

@circle @FastCompany How come Circle froze the USDC balance of 16 unrelated hot wallets late yesterday for a civil case? A basic review of onchain activity makes it obvious they are operational wallets. You fail to protect users during actual incidents yet respond to a request riddled with errors…

Thomas (@thomasbtc)
It was awesome chatting with @Crypto_Goblinz at @EthereumDenver
WeavingWeb3 (@WeavingWeb3)

Today @Crypto_Goblinz is sitting down with @thomasbtc from @bitrefill

We talk about why spending crypto should go straight from your wallet to the merchant with no middlemen, how gift cards create a privacy layer that debit cards can’t, why current infrastructure isn’t built for AI agents but Bitrefill’s rails are, and their vision for paying your mortgage, insurance, and tuition directly from your Metamask.

jump to what excites you below:

0:00 - Intro & what is Bitrefill? Spending crypto directly from your wallet since 2014
0:46 - How it works: wallet → Bitrefill → gift card in 7 seconds (Uber, Airbnb, DoorDash)
1:28 - The privacy problem with crypto debit cards (Visa, MasterCard & your data)
2:24 - Privacy adoption: privacy pools, Fluidkey stealth addresses & what’s coming
3:43 - How Bitrefill keeps it permissionless — like buying a gift card with cash at CVS
4:50 - What’s next: US bill pay is coming back — pay your mortgage from your wallet
6:07 - Bitrefill isn’t just gift cards — it’s real-world crypto empowerment
6:41 - AI agent payments: the talk of the town & why gift card rails are the perfect fit
7:46 - Imagine your AI agent booking Hawaii, buying cabinets at Lowe’s — all permissionless
9:37 - Bitrefill is hiring! Web3 devs, PMs & agent payment builders (100% remote since before COVID)
10:34 - Advice: just try stuff — keeping an open mind led Thomas deep into DeFi

Ari Eiberman 🇦🇷 Stablecards
I’m a bit embarrassed to ask this, but… Where can I take out a loan using self-custodied Bitcoin as collateral? With a low APY, obviously. And preferably no wBTC or similar wrappers 🙏
Thomas retweeted
Nerite (@NeriteOrg)
Check out our new trove explorer and see every open position on Nerite. See how people are borrowing millions against their tBTC, rETH, ARB, and more.
Thomas retweeted
Mitch Goldich 🐙 (@mitchgoldich)
The biggest game of the first round is on Friday, when Long Island battles Arizona for iced tea supremacy
Thomas (@thomasbtc)
@TallNupinks @bitrefill It could be related to some of the security measures taken. Logging out and back in generally does work. If you aren’t receiving the 2FA emails, be sure to note that in your ticket because that is also a related issue.
Tall Nupinks (@TallNupinks)
@bitrefill Interesting timing. I've been trying to access my account, and 2FA emails are not arriving. Your support simply tell me to "clear my cache"🙄. Can anyone please help, @bitrefill ??
Bitrefill (@bitrefill)
March 1st incident report

On March 1, 2026, Bitrefill was the target of a cyberattack. Based on indicators observed during the investigation - including the modus operandi, the malware used, on-chain tracing and reused IP + email addresses (!) - we find many similarities between this attack and past cyberattacks by the DPRK Lazarus / Bluenoroff group against other companies in the crypto industries.

The initial access originated through a compromised employee laptop, from which a legacy credential was exfiltrated. That credential provided access to a snapshot containing production secrets. From there, the attackers were able to escalate their access to our broader infrastructure, including parts of our database and certain cryptocurrency wallets.

We first detected the incident after noticing suspicious purchasing patterns with certain suppliers. We realized that our gift card stock and supply lines were being exploited. At the same time we found some of our hot wallets being drained and funds transferred to attacker-controlled wallets. The moment we identified the breach, we took all of our systems offline as part of our containment response.

Bitrefill operates a global e-commerce business with dozens of suppliers, thousands of products, and multiple payment methods across many countries. Safely switching all these things off and bringing them back online is not trivial.

Since the incident, our team has been working closely with top industry security researchers, incident response specialists, on-chain analysts and law enforcement to understand what happened and how we can prevent it from happening again. A sincere thank you to @zeroshadow_io, @SEAL_Org, @RecoverisTeam and @fearsoff for their rapid response and support throughout this ordeal.

What about your data

Based on our investigation and our logs we don’t have reason to think that customer data was the target of this breach. There is no evidence that they extracted our entire database, only that the attackers ran a limited number of queries consistent with probing to understand what there was to steal, including cryptocurrency and Bitrefill gift card inventory.

Bitrefill was designed to store very little personal data. We are a store, not a crypto service provider. We don’t require mandatory KYC. When a customer chooses to verify their account - e.g. to access higher purchasing tiers or certain products - that data is kept exclusively with our external KYC provider, with no backups in our system.

Still, based on database logs, we know that a subset of purchase records was accessed and we want to be transparent about that. Around 18,500 purchase records were accessed by the attackers. Those records contained limited customer information, such as email addresses, crypto payment address, and metadata including IP address. For approximately 1,000 purchases, specific products required customers to provide a name. That information is encrypted in our database. However, since the attackers may have gotten access to the encryption keys, we are treating this data as potentially accessed. Customers in this category have already been notified directly by email.

At this time, based on the information currently available, we do not believe customers need to take specific action. As a precaution, we recommend remaining cautious of any unexpected communications related to Bitrefill or crypto. If this assessment changes, we will of course immediately inform those affected.

What we are doing

We have already significantly improved our cybersecurity practices, but vow to continue to draw learnings from this experience to make sure user and company balances and data remain maximally safe. Specifically we’re:

- Continuing thorough cybersecurity reviews and pentests with multiple external experts and implementing recommendations;
- Further tightening internal access controls;
- Further improving logging and monitoring for faster detection and more effective response; and
- Continuing to refine and test our incident response procedures and automated shutdown procedures.

The bottom line

Getting hit by a sophisticated attack sucks (a lot). We’ve been in business for over 10 years and it’s the first time we’ve been hit this hard. But we survived. Bitrefill was designed to limit the impact if something like this ever happened. Bitrefill remains well funded, has been profitable for several years and will absorb these losses from our operational capital.

Almost everything is back to normal: payments, stock, accounts. Sales volumes are also back to normal, and we are eternally thankful to our customers for your continued confidence in us. We will continue to do our best to continue deserving your trust. Thank you!
Bitrefill (@bitrefill)
More payment methods are back. Binance Pay and fiat are live again. So is our @lifiprotocol integration, which you can use to shop on Bitrefill from 50+ chains with 6,000+ tokens. Getting closer to full speed. Stay tuned: bitrefill.com/service
Thomas (@thomasbtc)
@pet3rpan_ Best time zone to hire from. You get the most working hours from PST.
Peter / 1k(x) (@pet3rpan_)
PST is literally the worst Timezone, I can’t believe how y’all actively are able to do this consistently
Thomas retweeted
cinesius.eth (@cinesiusss)
Never blame your user.
Jonathan Han (@0xJHan)
Looking forward to speaking at @RWASummit in Cannes about RWA lending and distribution and how real-world assets are reshaping finance.
CoinGecko (@coingecko)
Overlooked project?