Notorious cybercrime group FIN7 appears to be back at work about a year after the FBI arrested three of its members, which dealt a major blow to the group’s activities.

Between 2015 and the arrests in August 2018, FIN7 was responsible for a very advanced malware campaign that hit 100 companies in the hospitality industry, according to the FBI. Among the names that were publicly disclosed: Chipotle Mexican Grill (CMG), Chili’s (EAT), Arby’s, Red Robin (RRGB), Sonic, and Jason’s Deli.

FIN7 had been previously linked to data heists at Trump Hotels, Whole Foods (AMZN), Saks Fifth Ave and Lord & Taylor (HBAYF).

The group steals credit card data from point-of-sale terminals and other means. The data is then sold on the dark web, the internet’s black market. The cards are then used, costing financial institutions millions of dollars.