Despite the hack of LoopPay, whose technology is at the heart of Samsung's mobile payment system, the electronics company said its Samsung Pay is secure.
The Chinese hackers, identified as the Codoso Group (aka, Sunshock Group) only made it as far as LoopPay's corporate network months before the payment system was launched, but never infiltrated the smaller company's corporate network, according to a report in the New York Times.
The report cited LoopPay executives as saying that the hacking group was likely after its magnetic secure transmission (MST) technology that is an integral part of Samsung Pay.
Samsung bought the Massachusetts-based LoopPay in February, the hackers may have made their first foray into the company's systems in March although the breach was not discovered until late August. Samsung Pay launched in the U.S. 38 days later, prompting speculation among security professionals that the companies may be premature in their assertions that the hackers had limited access to Loop Pay systems since the Codoso Group is known for dropping hidden backdoors into victims' systems, lying in wait and continuing its intrusion, the Times said.
The report noted Ponemon Institute research that says it takes an average of 46 days to resolve an attack and quoted iSight Partners John Hultquist as saying, “Once Codoso compromises their targets — which range from dissidents to C-level executives in the U.S. — they tend to stay there for quite a long time, building out their access points so they can easily get back in.”
LoopPay reportedly hired Charleston, S.C.-based Sotoria and a second forensics security firm to look into the breach.