Trend Micro researchers encountered a PowerGhost variant that infects Linux machines via EternalBlue, MSSQL, and Secure Shell (SSH) brute force attacks. The malware was previously known to target only Windows systems.
PowerGhost is a fileless cryptocurrency-mining malware that attacks corporate servers and workstations, capable of embedding and spreading itself undetected across endpoints and servers. It was known to exploit PowerShell, a built-in task automation and configuration feature in Windows. The threat has now expanded to Linux systems.
Source: Trend Micro