Have you guys heard of this Router attack? How does it work exactly? How does it affect Linux user? https://www.experian.com/blogs/ask-...king-your-wifi-router-heres-how-to-stop-them/ Stage 1 involves a worm and adds it to the crontab, the list of tasks run at regular intervals by the cron scheduler on Linux. This allows it to remain on the device, to re-infect it with the subsequent stages if they are removed. Stage 2 is the actual body of the malware, including the basic code that carries out all normal functions and executes any instructions requested by special, optional Stage 3 modules. Stage 3 can be any of various "modules" that tell the malware to do specific things, like spying on industrial control devices (Modbus SCADA) or using secure "dark web" Tor software to communicate via encryption.