Linux systems came under fire in 2016, with the number of attacking malware programs targeting the OS tripling compared to 2015.
This is according to the AV-TEST Security Report for 2016/2017, which provides security statistics on malware, ransomware, and attacks.
There was a marked increase in the recorded attacks on Linux systems, which are often connected to the Internet unprotected.
These unprotected and Internet-connected devices running Linux became a desirable target for attackers.
The attacks against Linux systems included targeting DSL routers of Telekom customers, where 900,000 devices were taken down.
It also included malware threats from the Bashlite family, which targeted IoT devices running under Linux.
Other Linux malware, such as the Tsunami backdoor, has been causing trouble for several years and can be modified for attacks against IoT devices.
The graph below shows the detection of the Linux-based Tsunami Trojan since 2003, illustrating the increase in attacks on Linux systems.