Linux server malware is common, mainly targeting naive owners for misconfiguration (SSH password guessing), or targeting remote shell exploits in various popular packages (personally had it happen with Gitlab, for example).
The opportunistic attackers like that mainly go for dropping some blockchain mining software (monero is popular payload) and sometimes go for deploying botnet agents for things like DDoS ransoming and similar.
Low success rate, but low effort on attacker's side, who often buys a premade tool on a forum.
The opportunistic attackers like that mainly go for dropping some blockchain mining software (monero is popular payload) and sometimes go for deploying botnet agents for things like DDoS ransoming and similar.
Low success rate, but low effort on attacker's side, who often buys a premade tool on a forum.