Cyber Crime

Catch Hospitality Group discloses PoS malware infection at its restaurants

The Catch Hospitality Group has suffered a malware attack, a point-of-sale malware has infected systems (POS) at several restaurants of the chain.The Catch Hospitality Group has suffered a malware attack, a point-of-sale malware has infected systems (POS) at several restaurants of the chain.

Catch Hospitality Group announced that a PoS malware has infected its payment systems at NYC hotspots Catch NYC, Catch Rooftop, and Catch Steak restaurants.

The malicious code was designed to steal credit card information from customers.

The company launched an investigation after detecting the unauthorized activity on some of its payment processing systems, it also hired a cybersecurity firm to investigate the security breach.

The investigation revealed the presence of PoS malware on some of its payment systems. PoS malware is used by crooks to steal track data encoded on the magnetic stripe on credit cards, including the credit card number, expiration date, and internal verification code.

“The malware searched for track data (which sometimes has the cardholder name in addition to card number, expiration date, and internal verification code) read from a payment card as it was being routed through these POS devices. There is no indication that other customer information was accessed.” reads the data breach notification published by Catch Hospitality Group.

Experts determined that the PoS malware was active on the payment systems in the two locations in different timeframes. For Catch NYC (including Catch Roof), the timeframe was from March 19, 2019 through October 17, 2019. For Catch Steak, the timeframe was September 17, 2019 through October 17, 2019.

Not all POS devices were infected, the company pointed out that it uses two different point-of-sale (POS) devices at its locations, one that is brought to your table by waitstaff and stationary ones at the bar and where the waitstaff enter orders. Portable POS devices are not affected because they utilize point-to-point encryption.

“The cards involved in this incident are cards used at the bar or in the rare circumstances that a card was swiped at the device where waitstaff enter orders.”

The company declared that it has removed the malware and implemented enhanced security measures for its payment systems.

Catch Hospitality Group reported the incident to its payment processor and notified the incident to law enforcement.

The company recommends customers to review their payment card statements for any unauthorized activity and urge them to immediately report any unauthorized charges to the card issuer.

[adrotate banner=”9″] [adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – Catch Hospitality Group, PoS malware)

[adrotate banner=”5″]

[adrotate banner=”13″]

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.

Recent Posts

A cyber attack hit Japan Airlines delaying ticket sales for flights

A cyberattack hit Japan Airlines (JAL), causing the suspension of ticket sales for flights departing…

36 minutes ago

Apache fixed a critical SQL Injection in Apache Traffic Control

Apache Software Foundation (ASF) addressed a critical SQL Injection vulnerability, tracked as CVE-2024-45387, in Apache Traffic…

10 hours ago

BellaCPP, Charming Kitten’s BellaCiao variant written in C++

Iran-linked APT group Charming Kitten has been observed using a new variant of the BellaCiao…

13 hours ago

DMM Bitcoin $308M Bitcoin heist linked to North Korea

Japanese and U.S. authorities attributed the theft of $308 million cryptocurrency from DMM Bitcoin to…

23 hours ago

Adobe is aware that ColdFusion bug CVE-2024-53961 has a known PoC exploit code

Adobe released out-of-band security updates to address a critical ColdFusion vulnerability, experts warn of a PoC…

2 days ago

Apache Foundation fixed a severe Tomcat vulnerability

The Apache Software Foundation fixed a Tomcat server software flaw that could lead to remote…

2 days ago

This website uses cookies.