Tencent Yujian Threat Intelligence Center issued a statement today stating that mining Trojans are still the main Trojan horses implanted after corporate servers have been compromised. In March 2019, the infection of mining trojans peaked, and then gradually declined, and the infection amount was basically stable. The infection channel of the server implanted with the mining Trojan is mainly through blasting to invade. The most common ones are MSSQL and RDP blasting. In addition, high-risk system vulnerabilities such as eternal blue are also important means of being exploited.