Coppell, Texas-based pizza restaurant chain Cicis, acknowledged a possible credit card breach at more than 135 locations. At the same time, cybersecurity firm Comodo reported new dangerous malware infected Mac operating systems.
The admission by Cicis comes more than a month after KrebsOnSecurity first broke the news of the intrusion.
In a statement, Cicis said that in early March 2016, the restaurant chain received reports from several of its locations that POS systems were not operating properly. "The point-of-sale vendor immediately began an investigation to assess the problem and initiated heightened security measures," the company said in a press release. "After malware was found on some point-of-sale systems, the company began a restaurant-by-restaurant review and remediation, and retained a third-party cybersecurity firm, 403 Labs, to perform a forensic analysis."
The forensic firm reported its findings on July 19, 2016, confirming that a malicious software program, introduced by a hacker to the POS system, used by some Cicis locations in Alabama, Arkansas, Florida, Georgia, Kentucky, Louisiana, Maryland, Missouri, Mississippi, North Carolina, Oklahoma, Ohio, South Carolina, Tennessee, Texas, Virginia and Wisconsin. It also reported the elimination of the malware threat.
According to Cicis, "the vast majority of the intrusions began in March of 2016," but the company acknowledges that the breach started as early as 2015 at some locations.
Cicis said it continues to monitor and upgrade its systems. "While we believe most of the breaches were remedied within a few weeks of the intrusion, out of an abundance of caution we are not declaring some restaurants as threat-free until they were reviewed by our forensic analyst this month."
The restaurant chain advised customers who used a payment card during the timeframe at an affected restaurant to pay particular attention payment-card statements for unauthorized activity.
Meanwhile, Clifton, N.J.-based Comodo, reported in a blog the latest malware to hit Mac operating systems is the EasyDoc Converter. Cybersecurity experts discovered this dangerous Mac malware on online websites offering applications and software for the Mac OS. "If Mac users still believe that their systems cannot get infected then they better get wary now," the blog warned.
The EasyDoc Converter purports to convert files, however, the malicious EasyDoc Converter does not do any conversion or any other genuine function. It is a script that contains an embedded backdoor malware, designated as Backdoor.MAC.Eleanor. "This Mac malware allows attackers to gain complete access of the operating system, the webcam, shell execution and the file explorer."
Cybercriminals employed the tool Platypus to create the malicious app. When the malicious app runs it displays a screen typical to a drag-and-drop file converter, but it lacks any functionality. The malware installs a number of malicious components in the startup of the computer: A Tor Hidden Service, Web Service and a PasteBin Agent.
Can your cybersecurity strategy handle an attack? Do you have the latest tools and techniques to prevent fraud and data breaches?
Get them at our two-day conference Oct. 11-12 at the Sheraton Dallas Fraud: Don't Let It Happen To Your Credit Union. Plus you'll also learn strategies for responding in the immediate aftermath and best practices for restoring reputation, financial stability and information security. Save $150 and Register Now!
© 2025 ALM Global, LLC, All Rights Reserved. Request academic re-use from www.copyright.com. All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.
Roy Urrico
Roy W. Urrico specializes in articles about financial technology and services for Credit Union Times, as well as ghostwriting, copywriting, and case studies. Also: writer/editor of a semi-annual newsletter for Association for Financial Technology since 1997 and history projects funded by the U.S Interior Department, National Park Service and Warren County (N.Y.).
