We think you might be interested in this job:
AT&T Alien Labs has discovered a new https://thenewstack.io/vmware-finds-linux-malware-on-the-rise/ program targeting endpoints and IoT devices. Usually, Linux malware targets servers and cloud instances.
Then, once in place, another module is downloaded, executed, and then downloads and executes the next one, and so on.
Just to the basics, of installing security patches, keeping backups, and never installing unknown programs.
All too often, IoT vendors do a lousy job of keeping their embedded operating systems up to date with security patches.