Thousands of compromised computers are actively trying to break into point-of-sale (PoS) systems using brute-force techniques to guess remote administration credentials. The computers are part of a botnet, dubbed BrutPOS by researchers from security firm FireEye, that has been active since at least February. The botnet scans attacker-specified IP address ranges for systems that accept Remote Desktop Protocol (port 3389) connections.