Hackers are running a new campaign which drops the StealthWorker malware on Windows and Linux machines that end up being used to brute force other computers in a series of distributed brute force attacks. The malware was previously connected to a number of compromised Magento-powered e-commerce websites on which attackers infiltrated skimmers designed to exfiltrate both payment and personal information. Once on a compromised machine, the malware will create scheduled tasks to gain persistence by copying itself in the Startup folder or to the /tmp folder and setting up a crontab entry.
Source: https://www.bleepingcomputer.com/news/security/stealthworker-malware-uses-windows-linux-bots-to-hack-websites/