

Most hacks interact with Linux because its in almost every corporate environment. People can still get scammed on Linux on their personal device too since rdp clients are compatible and a common method used. Linux Desktop is 4% market share (according to steam surveys?) but server infrastructure is largely Linux based, from firewalls to Web servers to database infrastructure. Most people host some form of Linux environment and lots of ransomware actors have Linux specific encryptors.
Think of it this way: if the environment you just hacked has their corporate SQL database with all of their trade secrets sitting on Linux infra, and you’re a ransomware actor, you’re not going to give up and go hack someone else. Well, not if you’re any good I guess.
The Linux community is better at finding and detecting this stuff due to more people looking at it and open source making it available etc. It’s attack surface (software that could be attacked) is still huge and the danger comes from outdated versions and misconfigurations just like anything else.
Patch often, install from trusted sources, have backups. That’s really all you can do. Every environment has vulnerabilities. They sit at desks and push keys on the keyboard.
Can I install on a Samsung? I know computers and their bootloaders/OSs pretty well but phones are mostly a mystery