Of the three malware accounts I found in the last few minutes out of curiosity, two had linux downloads.
It's really bad out there. Recent is a minefield. I do not even try hard and found three within a minute or so.
Anyway, I mean what I said. If there is any indicator, any at all, that would increase trust, the criminals will fake it. Including having a linux, mac or android download. That's even one of the easiest things to fake. That's a reason why I do not like to talk about how to spot fake games. It is useless in a week or two and it will create fake confidence in a game's legitimacy.
I am not sure, how this is on linux, but a big deal what those malware do, is spy your browser data. That should be doable on Linux too. If that malware process runs on the same Id as the user running the browser, that process should have reading rights to the browser data. That means login cookies that can circumvent some 2fa logins.