There’s also a buried reference to using a several-years-patched gpac bug to gain root access before this thing can do most of its stealth stuff.

Basically, it needs your system to already have a known, unpatched RCE bug before it can get a foothold, and if you’ve got one of those you have problems that go way beyond stealth crypto miners stealing electricity.