Security researchers have discovered multiple attack campaigns conducted by an established Chinese criminal group. Attackers target database servers for mining cryptocurrencies, exfiltrating sensitive data and building a DDoS botnet. Most compromised machines are based in China, and some in Thailand, the United States, Japan and others. Researchers advised administrators to always follow the databases hardening guides (provided by both MySQL and Microsoft) rather than just having a strong password for your databases. Administrators should check for the existence of the following usernames in their database or systems.
Source: https://thehackernews.com/2017/12/chinese-hacking-databases.html