Tencent Security today released the "2019 Mining Trojan Report". The report points out that the three most active mining trojans in 2019 are WannaMiner, MyKings, and DTLMiner (Eternal Blue Downloader Trojan). Among them, MyKings is an old botnet family, and WannaMiner and DTLMiner appeared in early and late 2018, respectively. In 2019, these families have infections of more than 20,000 users. Their common feature is the use of "Eternal Blue" vulnerabilities for worm-like propagation, and the use of various types of persistent attack technologies, which are difficult to completely remove. The top three main intrusion methods of mining Trojans in 2019 are vulnerability attacks, weak password blasting, and the use of botnets. Since mining Trojans need to obtain more computing resources, the use of ubiquitous vulnerabilities and weak passwords, or botnets that control a large number of machines for large-scale propagation has become the first choice for mining Trojans.