Cybersecurity researchers at Guardicore Labs have published a detailed report on a widespread cryptojacking campaign attacking Windows MS-SQL and PHPMyAdmin servers worldwide. The malicious campaign is reportedly being carried out by an APT-style Chinese hacking group that has already infected nearly 50,000 servers. Researchers have also released a complete list of IoCs (indicators of compromise) and a free PowerShell-based script that Windows administrators can use to check whether their systems are infected. Since the attack relies on weak username and password combinations for MS-SQL servers, admins are advised to always keep a strong password for their accounts.
Source: https://thehackernews.com/2019/05/hacking-mysql-phpmyadmin.html

