> it's telling that no other operating system except Windows commonly suffers from this problem.
This is an honest question, as this area isn't my specialty, but could this be for the same reason that people used to perpetuate the myth that Macs don't get viruses? Attackers simply target the platform with the largest market share.
Linux servers are far more common than Windows servers, and servers usually have loads of bandwidth making them especially valuable targets for spammers and fraudsters.
You don't gain much from having root or kernel level access if you're just sending spam from a machine running an OS that isn't typically checking for malware. Windows is a much more attractive target because you can also get user's bank and credit card details, but doing that entirely in userspace will get you picked up by the (now fairly ubiquitous) malware scanners. There's a strong incentive to move yourself into the kernel there.
But Linux servers require root access (or physical access, which frequently amounts to the same thing) to modify the bootloader. If you've already got root, then you don't really need to install a bootkit - you may as well just install a modified kernel or kernel module rootkit.
This is an honest question, as this area isn't my specialty, but could this be for the same reason that people used to perpetuate the myth that Macs don't get viruses? Attackers simply target the platform with the largest market share.