Samsung startup LoopPay was hacked by Chinese hacker Codoso
Chinese hacker group Codoso was said to be responsible for the breach of Samsung's mobile payment system known as LoopPay.
According to a source, the group which has been affiliated with the Chinese government penetrated the system and allegedly spied on Samsung's system instead of taking consumer data for profit.
The New York Times reported that the breach might have occurred earlier, but it was only detected in late August after an organization comes across the LoopPay data during their investigation.
LoopPay chief executive Will Graylin reported that the breach occurs only in the corporate network instead of the production system. He also said that its security team has been alerted and manage to isolate the infected server from others.
Based on their initial analysis, the team also did not find any trace of further breach other that the one mentioned.
According to the Computer World, a senior security analyst for TripWire said that the company should expect another hacking soon as the group might be trying to find any loophole in the network infrastructure.
Samsung spokesperson told that the launch was targeted mainly towards the LoopPay instead of Samsung Pay system, and the incident is considered as an isolated event.
He also added that consumer can still continue using the Samsung Pay without being worried as reported by Engadget.
The system used by Samsung Pay using magnetic secure transmission is different compared to the like such as Apple and Google. The system used by Samsung will allow payment to be made using the new cash register machine and it will also work with the older payment system.
Besides the added advantage, Samsung Pay also is designed to be more secure. The payment made via the mobile device will not use the same credit card number like traditional method of payment.
Instead, it makes use of the encrypted token and certificate information that will be generated once only.
LoopPay is a Massachusetts startup that was acquired by Samsung for $250 million. The technology used by the startup was incorporated into Samsung Pay. The latest attack seems like a targeted attack by some analysis as it comes just a week after Samsung Pay debut in the US.
Samsung Pay system has been used widely in the South Korean and managed to execute transaction worth more than $30 million in the country alone.