The Gnome extension on Linux is carrying a malware in disguise. The ones who made the find were the people working at Intezer. They have even linked the malicious code as spyware created by Russian coders named Gamaredon. Most of the modules used by the malicious code in Evil-Gnomeis tied to Windows utilities such as the use of SFX, task scheduler and data trackers. Since the code seems to target mostly desktops, the extension of the attack has not been wide because Linux is not widely used on PCs. The developers of Intezer have stated that the spyware is an entirely new form of code that has never been used before.
The attack group is not one to rear its head frequently. We have reports of their existence dating back to 2013. Most of the information available about them was released by