← Back to Pulse Feed
PULSE DETAIL
New activity from NewPOSThings and the "You Chung" actor. It is assumed that actors using the malware are targeting small- to medium-sized businesses given the malware’s focus on VNC applications. Small businesses are generally more likely to use remote administration software for their POS terminals so that 3rd parties can manage the terminals.
Indicators of Compromise (11)
| TYPE | INDICATOR | DESCRIPTION | CREATED | |
|---|---|---|---|---|
| domain | oghwj.net | — | 2015-10-26 | |
| domain | super-updates.net | — | 2015-10-26 | |
| domain | chiproses.net | — | 2015-10-26 | |
| domain | astro-travels.net | — | 2015-10-26 | |
| domain | flowerstick.net | — | 2015-10-26 | |
| domain | super-cpu.net | — | 2015-10-26 | |
| domain | fast-update.net | — | 2015-10-26 | |
| domain | jtrho.net | — | 2015-10-26 | |
| domain | randomfruits.net | — | 2015-10-26 | |
| FileHash-MD5 | b6c1d46e25a43d9ae24c85c38c52d6a4 | — | 2015-10-26 | |
| FileHash-MD5 | 761d23e1e2f496f1a6a2385808afc6eb | — | 2015-10-26 |