Menu
Hackers who targeted Samsung Pay may be looking to track individuals

Hackers who targeted Samsung Pay may be looking to track individuals

The hackers who allegedly broke into the Samsung subsidiary are spies more than profiteers

The security breach at Samsung subsidiary LoopPay was probably more about spying than about gathering consumer data for profit, and the worst could be yet to come, a security analyst said Wednesday.

Samsung acknowledged the attack on LoopPay, which it acquired in February for technology that it uses in its Samsung Pay service. It said hackers only breached LoopPay's office network, not systems used by Samsung Pay. The affected servers have been isolated and no personal payment information was put at risk, according to Samsung.

However, if the breach was carried out by the notorious Codoso Group in China, as The New York Times reported, it probably wasn't intended to steal consumer data for sale, said Ken Westin, a senior security analyst at threat-detection software company TripWire.

The Codoso Group has been linked to large-scale attacks on major defense, finance and other organizations, including websites related to the Uyghur minority in China. It allegedly is affiliated with the government of China.

The hackers probably wanted access to LoopPay's code, possibly to develop the capability to collect information on individuals, Westin said.

Alex Holden, CEO of the consultancy Hold Security, agreed. Codoso may have ultimately wanted to know "who bought what, when," he said. For example, if an important individual made a purchase at a coffee shop in Los Angeles, an infiltrator could learn something about that person's travels.

And while LoopPay may have worked out the details of this particular breach, it's probably facing what security researchers call an advanced persistent threat, he said. That kind of attacker keeps coming back and probing different parts of a company's infrastructure looking for weaknesses and laying the groundwork for future infiltrations. Samsung should be worried, Westin said.

However, the attack shouldn't prevent consumers from using Samsung Pay, Westin said.

"I would be cautious, as you should be with any new sort of payment service, but I don't think this is a reason not to use the service at this time," he said.

LoopPay's network was breached in February, shortly before Samsung bought the Massachusetts startup for US$250 million, the Times said. The hackers were in the network for about five months before LoopPay discovered the breach in late August, when an organization tracking the Codoso Group found LoopPay's data.

That shows the startup may have had strong intrusion prevention tools but weak detection capabilities, Westin said. The most sophisticated hackers don't even use identifiable malware but but exploit components within a company's own systems, like Powershell on Windows. "For a lot of businesses, this is a big challenge now," he said.

Samsung Pay is the latest platform for wirelessly buying things with a mobile device by holding it up to a point-of-sale system. Like Apple Pay, it's designed to be more secure than traditional credit cards because each payment doesn't use the same card number. Instead, the system uses an encrypted token and certificate information that can only be used once, according to Samsung.

Samsung acquired LoopPay for a technology it developed, Magnetic Secure Transmission, that lets a mobile device emulate a magnetic stripe card. That helps Samsung Pay work with older payment systems.

Follow Us

Join the New Zealand Reseller News newsletter!

Error: Please check your email address.

Slideshows

Top 50 defining moments of the New Zealand channel in 2016

Top 50 defining moments of the New Zealand channel in 2016

Reseller News looks back on a tumultuous 12 months for the New Zealand channel, assessing the fallout from a year of sizeable industry change. Whether it be local or global mergers and acquisitions, distribution deals or job changes, the channel that started the year differs somewhat to the one set to finish it - Reseller News assesses the key moments that made 2016.​

Top 50 defining moments of the New Zealand channel in 2016
​Hewlett Packard Enterprise honours high achieving NZ channel

​Hewlett Packard Enterprise honours high achieving NZ channel

Hewlett Packard Enterprise honoured its top performing Kiwi partners at the second running of its HPE Partner Awards in New Zealand, held at a glitzy ceremony in Auckland. Recognising excellence across eight categories - from distributors to resellers - the tech giant celebrated its first year as a standalone company, following its official split from HP in 2015.

​Hewlett Packard Enterprise honours high achieving NZ channel
Nutanix treats channel partners to Christmas cruise

Nutanix treats channel partners to Christmas cruise

Nutanix recently took to the seas for a Christmas Cruise around Sydney Harbour with its Australia and New Zealand staff, customers and partners to celebrate a stellar year for the vendor. With the sun out, they were all smiles and mingled over drinks and food.

Nutanix treats channel partners to Christmas cruise
Show Comments