Chinese Hackers Breach Samsung Pay's LoopPay Accessing Corporate Network Data
In the retrospect of how often hackers compromise servers or find vulnerabilities within large companies over the Internet, we would have to write a book each week just to keep up with the surmounting attacks.
Samsung is now in the limelight of being a new target on the radar screen of hackers who have taken the liberty to attack LoopPay, which is a subsidiary of Samsung Pay that allows storage of credit cards for quick pay access via smartphones. The company was acquired by Samsung in February 2015 for about $250 million and launched in South Korea in July of this year.
The New York Times have published an article detailing the activities of what appears to be the Chinese hacking group Codoso, which was responsible for running watering hole attacks on Forbes.com back in February.
Samsung and its LoopPay service were informed to investigate a breach later discovering that the Chinese hackers were able to access the company's corporate network and not the systems that managed Samsung Pay transactions.
We have seen it before, hackers attack a large company and end up only making away with data that doesn't grant them a quick payday – as the reports will only tell you. However, that's only half of the story as hackers like the Codoso group will look to sell off their data and later make money by underground marketplace vultures paying them for such information potentially uncovering details about the company's previous acquisition.
The curiosity of hackers like the Chinese Codoso group continues to be a serious issue among large companies even when their computer security infrastructure is claimed to be “sound” and protected. From this, we are lead to believe the idea that the Chinese Codoso hackers attacked Samsung Pay's LoopPay out of a state-sponsored or cyber-espionage attack driven by unnamed person's curiosity to find out additional details of the company.
In the case of Samsung and their acquisition of LoopPay, Chinese hackers could be sifting through their collected data during the breach to uncover the find details behind the acquisition deal, and nothing else. This wouldn't be the first time a data breach has taken place just to find out the dirty details about a company's actions, and it won't be the last time, unfortunately.
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.