Cyber criminals are infecting thousands of computers around the world with malware and are utilizing those compromised machines to break into Point-of-Sale (PoS) terminals. The new botnet campaign, dubbed as BrutPOS, aims to steal payment card information from the POS systems and and other places where payment data is stored, by targeting Microsoft Remote Desktop Protocol (RDP) servers that were disgracefully using poorly secured and simple passwords. The most common username used by the breached servers was “administrator” and the most common passwords were “pos” and “Password1”
Source: https://thehackernews.com/2014/07/brutpos-botnet-compromises-insecure-rdp.html