ASEC has uncovered an attack against “inadequately managed” Linux SSH servers whereby malware is being installed and spread. Most notable has been the installation of a Tsunami DDoS Bot, but ShellBot, XMRig CoinMiner, and Log Cleaner malware have also all been spotted.

https://www.techradar.com/pro/linux-servers-are-being-infected-with-a-dangerous-new-malware