Situation normal ...
only infects PCs that run MS Windows
A dropper-as-a-service, which cyber-crime newbies can use to easily get their malware onto thousands of victims' PCs, has been dissected and documented this week. A dropper is a program that, when run, executes a payload of malicious code. The dropper is similar to a trojan, and it can sometimes have other functionality, but …
If you can lure a Linux user to run a dropper with sufficient privileges Linux won't save you - nor macOS.
Now it's easier to look for Windows users trying to find warez because Linux users don't want or can't find commercial applications needing some kind of licenses to be run.
Once you port them under Linux, you'll get also Linux users looking for cracked applications. And you can drop easily malware to them too....
It will be interesting to put your theory to the test.
Obviously, I subscribe to the idea that Linux is generally "safe" because not many people use it on the desktop. That said, malware can be had on Linux, it's just that Windows is a far more juicy target.
Even so, the fact that most, if not all, Linux users do not work with an admin account, something that is virtually impossible to do on Windows without an IT department to manage things, means that even on Linux, malware will be rather limited in its effects.
But hey, when the day of the Linux desktop has arrived, we'll see what the scum manage to do.
Because one thing is certain: they will give it a go.
Even with Linux to install stuff you may need to use sudo and run the package installers as root. Because they may need to write to locations or modify files a plain user can't.
But even software installed without admin privileges can try to elevate its privileges later if there are vulnerabilities or if in some ways it can intercept credentials.
Linux is safer now because most applications are installed by trusted sources. If people are lured to add a warez repository to their sources list - good luck...
The compromised installer is one of the best ways to deliver malware - you don't even need to try to exploit vulnerabilities, you mostly need just to evade AV detection. Then you run with enough privileges to create havoc easily.
Anyway, it's quite simple to run Windows as a non-admin without an IT department behind you - you'll just need to use the "Run as Administrator" command more frequently - just like you often need to use sudo in Linux to perform some tasks.
"Even so, the fact that most, if not all, Linux users do not work with an admin account, something that is virtually impossible to do on Windows without an IT department to manage things"
Really, this is no harder on Windows than on Linux, and hasn't been for many, many years.
The big problem is that 99% of the population do not understand the need for having separate accounts for normal and admin use. If there was *one thing* worth teaching the nation's schoolchildren about IT then this is probably it.
Whilst I can see this is a pain and, in an ideal world, would not happen, one cannot help but think this is self-inflicted.
So you have a piece of commercial software that needs a license to work.
Go and trawl dodgy sites to find keys to crack tools to make it work.
Dodgy site provides link to malware that the user happily downloads and runs.
User's PC now full of crap.
Now AV might be able to detect it or possibly block the download but this really does reach the point that you cannot protect some people from themselves.
Like driving with no insurance, mostly people get away with it but sometimes a random check or minor incident gets them totally shafted.
Maybe they have AV installed but there is a strong possibility that it is some sort of basic free edition, not even Windows Defender because they don't trust it. If you are running cracked software then as long as you don't cause issues for others that is fine. Just don't complain when your computer ends up useless.
I was embroiled with a friend of a friend who did this regularly and kept wanting his PC fixed. In the end I resorted to charging ever-increasing amounts in the hope he would go away. Unfortunately his "Fix My Computer" pocket was deeper than I expected.