A new strain of malware has been discovered that relies on a unique technique to steal payment card information from point-of-sale (POS) systems: it exfiltrates credit card information over User Datagram Protocol (UDP) DNS traffic. The malware, dubbed itYes, uses Domain Name System (DNS) queries to exfiltrate stolen data, instead of the HTTP that most POS malware has used in the past. The attackers behind the malware have not compromised the LogMeIn service itself; it is just impersonated.
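One way a defender could look for this kind of DNS exfiltration in resolver logs, as an added example that is not from the original article: it flags clients that send several distinct long, high-entropy leftmost labels under one parent domain. The log format, thresholds, addresses and domain names are constructed assumptions.

```python
import math
from collections import Counter, defaultdict

# Constructed sample: "client_ip queried_name" pairs, as a resolver log might give them.
SAMPLE_LOG = """\
10.0.5.21 www.example.com
10.0.5.21 updates.pos-vendor.example
10.0.5.21 time.example.net
10.0.5.22 4a7f3c9e1b2d8f60a5c4e3d2b1a09f8e.ns.svc-update.example
10.0.5.22 9c1e5b7a3d2f4e6081b3a5c7d9e0f1a2.ns.svc-update.example
10.0.5.22 0f2e4d6c8b7a59136e1d3c5b7a9f8e0d.ns.svc-update.example
10.0.5.22 b3a1c5e7d9f0a2b4c6e8d0f1a3b5c7e9.ns.svc-update.example
10.0.5.22 www.example.com
"""

def entropy(s):
    """Shannon entropy of a string, in bits per character."""
    counts = Counter(s)
    return -sum(n / len(s) * math.log2(n / len(s)) for n in counts.values())

def parse(log):
    """Yield (client, leftmost_label, parent_domain) for each log line."""
    for line in log.splitlines():
        client, name = line.split()
        labels = name.rstrip(".").lower().split(".")
        # Assumption: the last two labels form the registered domain.
        yield client, labels[0], ".".join(labels[-2:])

def suspects(log, min_unique=3, min_len=24, min_entropy=3.0):
    """Return {(client, domain): unique_label_count} for exfil-like query patterns."""
    seen = defaultdict(set)
    for client, label, domain in parse(log):
        # Encoded data shows up as long labels with a near-uniform character mix.
        if len(label) >= min_len and entropy(label) >= min_entropy:
            seen[(client, domain)].add(label)
    # One odd name is noise; many distinct ones under a single domain is a channel.
    return {k: len(v) for k, v in seen.items() if len(v) >= min_unique}

if __name__ == "__main__":
    for (client, domain), n in suspects(SAMPLE_LOG).items():
        print(f"{client} -> {domain}: {n} long high-entropy labels")
```

The thresholds are starting points to tune against a baseline of what each POS terminal normally resolves.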
Source: https://thehackernews.com/2018/02/pos-malware-dns.html