Ebury is Not "Linux", That's Just the Media Shifting Attention (Microsoft in the Hot Seat for Total Breach Right Now)
A reality check [1, 2, 3, 4], not based on clickbait and dramatic headlines: "Besides Linux, Ebury was also installed on approximately 400 FreeBSD servers, about a dozen OpenBSD and SunOS servers, and at least one Mac."
So it's not "Linux".
"Seems based on OpenVZ and on CVE-2016-5195 too," an associate found. "Seems like it may be a Trojan, but little is said clearly about infection vectors. There is a lot of analysis of how it works but not about how it actually gets into any systems. "