There was more to the security breach at LoopPay, Samsung’s mobile payment subsidiary, than just the proverbial data theft involving customer data. It was more of a cyber espionage to gain competitive advantage, according to security experts.
Admitting the hack, Samsung disclosed that attackers were able to penetrate LoopPay’s office network, excluding the infrastructure being used for the Samsung Pay. Samsung bought LoopPay earlier this year to enhance the technology that the Korean phone maker uses in its mobile payment project.
It is also found that the attack did not compromise any of the personal payment data stored in LoopPay’s systems, which means there was no actual data compromise that took place.
The attacks was perpetrated by a group based in China called Codoso, a notorious organization that has been known for conducting spying activities. That is so for one obvious reason; it has ties with the government of China. In the past, the group was implicated in several major attacks on financial institutions and defense organizations.
According to TripWire, which analyzed the attack on Samsung LoopPay, the security breach was not meant to steal data. Instead, the attack was aimed at the LoopPay code, as part of a larger scale effort to gather data on people. These pieces of information could be involving the identity of people who purchased what item using LoopPay.
Other security experts believe LoopPay is suffering from an advanced persistent threat, in which hackers keep repeating the attack on a certain network and exploring various enclaves within the infrastructure in order to find other vulnerabilities and identify potential backdoors for future use.
Does this mean you no longer must use Samsung Pay for security caution? Some security experts do not see the LoopPay breach as a reason not to use Samsung Pay anymore.
Besides, the breach was found to have occurred in February, that was prior to Samsung’s acquisition of the startup business. The breach was found only in August. The challenge for Samsung now is to implement a stronger detection system in addition to the intrusion prevention tools in place because most hackers nowadays use malware tools that can be hard to spot on time. Most of the time they abuse components of a company’s network in order to perpetuate the compromise.
And LoopPay is not the first to sustain the said APT attack. But Samsung Pay being the latest platform to facilitate mobile payment means the company must bolster the security system of the service.