Menu
Hackers who targeted Samsung Pay may be looking to track individuals

Hackers who targeted Samsung Pay may be looking to track individuals

The hackers who allegedly broke into the Samsung subsidiary are spies more than profiteers

The security breach at Samsung subsidiary LoopPay was probably more about spying than about gathering consumer data for profit, and the worst could be yet to come, a security analyst said Wednesday.

Samsung acknowledged the attack on LoopPay, which it acquired in February for technology that it uses in its Samsung Pay service. It said hackers only breached LoopPay's office network, not systems used by Samsung Pay. The affected servers have been isolated and no personal payment information was put at risk, according to Samsung.

However, if the breach was carried out by the notorious Codoso Group in China, as The New York Times reported, it probably wasn't intended to steal consumer data for sale, said Ken Westin, a senior security analyst at threat-detection software company TripWire.

The Codoso Group has been linked to large-scale attacks on major defense, finance and other organizations, including websites related to the Uyghur minority in China. It allegedly is affiliated with the government of China.

The hackers probably wanted access to LoopPay's code, possibly to develop the capability to collect information on individuals, Westin said.

Alex Holden, CEO of the consultancy Hold Security, agreed. Codoso may have ultimately wanted to know "who bought what, when," he said. For example, if an important individual made a purchase at a coffee shop in Los Angeles, an infiltrator could learn something about that person's travels.

And while LoopPay may have worked out the details of this particular breach, it's probably facing what security researchers call an advanced persistent threat, he said. That kind of attacker keeps coming back and probing different parts of a company's infrastructure looking for weaknesses and laying the groundwork for future infiltrations. Samsung should be worried, Westin said.

However, the attack shouldn't prevent consumers from using Samsung Pay, Westin said.

"I would be cautious, as you should be with any new sort of payment service, but I don't think this is a reason not to use the service at this time," he said.

LoopPay's network was breached in February, shortly before Samsung bought the Massachusetts startup for US$250 million, the Times said. The hackers were in the network for about five months before LoopPay discovered the breach in late August, when an organization tracking the Codoso Group found LoopPay's data.

That shows the startup may have had strong intrusion prevention tools but weak detection capabilities, Westin said. The most sophisticated hackers don't even use identifiable malware but but exploit components within a company's own systems, like Powershell on Windows. "For a lot of businesses, this is a big challenge now," he said.

Samsung Pay is the latest platform for wirelessly buying things with a mobile device by holding it up to a point-of-sale system. Like Apple Pay, it's designed to be more secure than traditional credit cards because each payment doesn't use the same card number. Instead, the system uses an encrypted token and certificate information that can only be used once, according to Samsung.

Samsung acquired LoopPay for a technology it developed, Magnetic Secure Transmission, that lets a mobile device emulate a magnetic stripe card. That helps Samsung Pay work with older payment systems.


Follow Us

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Events

Featured

Slideshows

Meet the Reseller News 30 Under 30 Tech Awards 2020 winners

Meet the Reseller News 30 Under 30 Tech Awards 2020 winners

This year’s Reseller News 30 Under 30 Tech Awards were held as an integral part of the first entirely virtual Emerging Leaders​ forum, an annual event dedicated to identifying, educating and showcasing the New Zealand technology market’s rising stars. The 30 Under 30 Tech Awards 2020 recognised the outstanding achievements and business excellence of 30 talented individuals​, across both young leaders and those just starting out. In this slideshow, Reseller News honours this year's winners and captures their thoughts about how their ideas of leadership have changed over time.​

Meet the Reseller News 30 Under 30 Tech Awards 2020 winners
Reseller News Exchange Auckland: Beyond the myths — how partners can master cloud security

Reseller News Exchange Auckland: Beyond the myths — how partners can master cloud security

This exclusive Reseller News Exchange event in Auckland explored the challenges facing the partner community on the cloud security frontier, as well as market trends, customer priorities and how the channel can capitalise on the opportunities available. In association with Arrow, Bitdefender, Exclusive Networks, Fortinet and Palo Alto Networks. Photos by Gino Demeer.

Reseller News Exchange Auckland: Beyond the myths — how partners can master cloud security
Reseller News welcomes industry figures at 2020 Hall of Fame lunch

Reseller News welcomes industry figures at 2020 Hall of Fame lunch

Reseller News welcomed 2019 inductees - Leanne Buer, Ross Jenkins and Terry Dunn - to the fourth running of the Reseller News Hall of Fame lunch, held at the French Cafe in Auckland. The inductees discussed the changing face of the IT channel ecosystem in New Zealand and what it means to be a Reseller News Hall of Fame inductee. Photos by Gino Demeer.

Reseller News welcomes industry figures at 2020 Hall of Fame lunch
Show Comments