A number of malicious samples have been created for the Windows Subsystem for Linux (WSL) with the goal of compromising Windows machines. The “distinct tradecraft” marks the first instance where a threat actor has been found abusing WSL to install subsequent payloads. The earliest artifacts date back to May 3, 2021, with a series of Linux binaries uploaded every two to three weeks till August 22, 2021. The use of standard Python libraries makes some of the variants interoperable on both Windows and Linux.”]
Source: https://thehackernews.com/2021/09/new-malware-targets-windows-subsystem.html