PayFair, a decentralized escrow platform that has been around for approximately three years, closed its website temporarily as a result of a compromised private key on its principal cold wallet.
An unidentified hacker was able to acquire access to one of the platform’s private keys without being caught. The funds were transferred from the compromised wallet into a still undisclosed new cold storage.
According to sources, the customer funds in escrow accounts and on client balances were kept safe from danger. All of this money is currently located in a backup wallet of which the address has never been shared with the public.
PayFair generated panic when its website closed, resulting in rumors of an exit scam, particularly when one of its principal cold wallets was emptied.
Currently, PayFair is conducting an internal investigation, indicating that the actual losses of Ethereum (ETH) were relatively low, without revealing the precise amount. Additional information regarding the magnitude of the crypto heist and the schedule to return funds is expected to be released during the forthcoming weekend.
PayFair revealed that the cyber attack occurred on September 29. Not too much is known about what the hacker did exactly to hack PayFair and compromise its private key.
Security Issues Continue To Exist
Hackers have always found a way to successfully steal funds and remain unidentified. Whether it is by hacking cryptocurrency exchanges or individual projects, they have always remained successful in achieving their goals of stealing money.
Stealing private keys has occurred in numerous instances, notably the massive Coincheck hack.