From thehackernews.com
![hacking servers](https://1.bp.blogspot.com/-w8yMV_WvSCw/XO7TRSK8nLI/AAAAAAAA0Es/eTXmXA_XMbEyYWU08TPZhPXsr7F2TOVigCLcBGAs/s728-e100/hacking-servers.jpg)
Cyber Security researchers at Guardicore Labs today published a detailed report on a widespread cryptojacking campaign attacking Windows MS-SQL and PHPMyAdmin servers worldwide.
Dubbed Nansh0u, the malicious campaign is reportedly being carried out by an APT-style Chinese hacking group who has already infected nearly 50,000 servers and are installing a sophisticated kernel-mode rootkit on compromised systems to prevent the malware from being terminated.
The campaign, which dates back to February 26 but was first detected in early-April, has been found delivering 20 different payload versions hosted on various hosting providers.