1. New FrameworkPOS variant exfiltrates data via DNS requests (2014), G Data blog, https://www.gdatasoftware.com/blog/2014/10/23942-new-frameworkpos-variant-exfiltrates-data-via-dns-requests, Accessed on March 6 2023

2. Krebs B.: Deconstructing the 2014 Sally Beauty Breach (2015), Crebs on Security, https://krebsonsecurity.com/2015/05/deconstructing-the-2014-sally-beauty-breach/, Accessed on March 6th 2023

3. Netlab blog, New Threat: B1txor20, A Linux Backdoor Using DNS Tunnel, https://blog.netlab.360.com/b1txor20-use-of-dns-tunneling_en/, accessed on March 16th (2023)

4. Marinho, R.: Translating Saitama’s DNS tunneling messages, SANS Infosec handlers diary, https://isc.sans.edu/diary/Translating+Saitama%27s+DNS+tunneling+messages/28738, Accessed on March 16th (2023)

5. Yunakovsky S.,Pomerantsev I.: Denis and Co, Securelist by Kaspersky, https://securelist.com/denis-and-company/83671/, 2018, Accessed on March 6 (2023)