According to Kaspersky, attackers are increasingly diversifying their arsenals to contain Linux tools, giving them a broader reach over the systems they can target.
Many organisations choose Linux for strategically important servers and systems, and with a "significant trend" towards using Linux as a desktop environment by big business as well as government bodies, attackers are in turn developing more malware for the platform.
However, more than a dozen APT actors have been observed to use Linux malware or some Linux-based modules. Most recently, this has included the LightSpy and WellMess malware campaigns, both of which targeted both Windows, Mac and Linux devices.
While targeted attacks on Linux-based systems are still uncommon, a suite of webshells, backdoors, rootkits and custom-made exploits are readily available to those that seek to use them.