A Point-of-Sale (POS) malware which uses a domain generation algorithm to create command-and-control domains on the fly was deployed in attacks against small and medium-sized businesses during the last four years. The malware, dubbed DMSniff, was designed with credit card data theft as the final goal. It uses at least 11 variants of the DGA algorithm which hints at the bad actors having deployed 11 different versions of the malware during the past four years since at least 2016.
Source: https://www.bleepingcomputer.com/news/security/dmsniff-point-of-sale-malware-silently-attacked-smbs-for-years/