The PayFair project, an Ethereum-based startup that has been around for about three years, closed its site temporarily due to a compromised private key on its chief cold wallet. The funds were moved from the hacked wallet into a still unrevealed new cold storage.
PayFair Site Closed to Prevent Further Attacks
PayFair caused panic as its site closed, generating rumors of an exit scam, especially as one of its chief cold wallets was emptied. But the project’s communication manager, John Pomelov, calmed the fears.
“I don’t think that it makes sense to “exit scam”, after 3 years of the platform’s operation, we suddenly decided to give it up, it’s pointless,” Pomelov said in an exclusive statement for Bitcoinist.
For now, PayFair is running an internal investigation, stating that the actual losses of ETH were quite small, without disclosing the exact sum. PayFair announced it would disclose more information on the size of the heist and the schedule to return funds during the coming weekend.
PayFair disclosed that the attack happened this September 29, as a result of hacking activity against its escrow platform. The exact way that the private key was compromised is yet unknown. The team’s explanation is that hacks are becoming more sophisticated.
Private Keys Targeted by Hackers
Stealing private keys has happened on several occasions, including the hack against Coincheck, as well as the Cryptopia exchange. In the case of Cryptopia, the hacker not only used the key, but erased all copies of the exchange’s keys. Cryptopia was then unable to recover even a fraction of the funds.
The PayFair (PFR) market price remains relatively unchanged at $0.000854, despite the news of the closed site and the compromised wallet. PFR has traded above $0.45 as of December 2018, before wiping out most of its value. The PFR token was distributed in an ICO in September 2017, where it managed to raise $182,919.
What do you think about the PayFair hack? Share your thoughts in the comments section below!
Images via Payfair.io
The Rundown
