Recently, a Russian security researcher discovered a 100-node Linux "cluster" that was running a botnet which was, in turn, connected to a group of desktop machines. Altogether these machines were serving up malware.
Yes, that's right, a cluster of Linux servers that were running genuine websites had been hacked to include a secondary server (nginx) to combine together as a botnet server. How did this happen, you ask? Traditionally, desktop machines are turned into botnet servers when the user unwittingly clicks on a URL that then inserts the malicious code into the users machine. This is how, in 2006, over 20,000 Windows machines were turned into botnet servers. But for this to happen to a Linux server? There is one explanation

The link for this article located at Builder AU is no longer available.