LinuxQuestions.org

What's with these regular "I was hacked"? threads? (https://www.linuxquestions.org/questions/lq-suggestions-and-feedback-7/whats-with-these-regular-i-was-hacked-threads-4175682109/)

hazel 09-17-2021 05:11 AM

Quote:

Originally Posted by Tuka2 (Post 6284810)
So there's no need for antivirus software. I'm new to Linux. I read that no such protection was necessary, that viral attacks on Linux were rare. I haven't looked into any kind of viral shield so far, and I'd prefer not to have to do this. Is there any kind of safeguard I should be taking? I'd prefer to spend my time learning more about Linux than worrying about hackers. Thanks for the post. I suspect you're right on.

I think the consensus is that you need antivirus if you have Windows machines on your local network or if you regularly share files with Windows users. Viruses written for Windows don't directly affect Linux boxes but they can still be stored and passed on.

If you are running a server, you need a good firewall.

Regarding back doors: there used a few years ago (pre-pandemic) to be a TV ad for some kind of Windows software that allowed you to remotely get files off one machine while working on another. This was presented as a useful thing to be able to do, for example when giving a presentation away from the office. I remember thinking at the time that it sounded like a very dangerous back door.

ondoho 09-18-2021 04:21 AM

Quote:

Originally Posted by cynwulf (Post 6283860)
I remember the "X Files" in the 90's, though I wasn't a fan, and trying to convince a former colleague that it wasn't based on any facts or leaked files...

This is the tragedy of the 21st century, it seems to be getting worse, not better.

Quote:

Originally Posted by Tuka2 (Post 6284810)
So there's no need for antivirus software. I'm new to Linux. I read that no such protection was necessary, that viral attacks on Linux were rare. I haven't looked into any kind of viral shield so far, and I'd prefer not to have to do this. Is there any kind of safeguard I should be taking? I'd prefer to spend my time learning more about Linux than worrying about hackers. Thanks for the post. I suspect you're right on.

Please don't put out simple statements & ask us to confirm them.
There's no simple answer.
What you are asking is best answered proactively, forming your own opinion with web searches instead of asking for other people's opinions.
Also, have you read ALL of this thread?

Tuka2 09-18-2021 07:06 AM

deleted.

wpeckham 09-18-2021 09:22 AM

I do not run protection on laptops. I reload laptops regularly and it would seem wasted effort.

In general: I run antivirus and rootkit detection on servers to protect the services and so that I do NOT need to reload servers! (Servers also get backed up, I only back up settings and data for critical applications on laptops.) Specific server cases may differ from those general rules, depending upon risk factors and analysis.

I have DECADES of experience in the business doing such risk analysis. When I started out there was far less threat, but we still took a more conservative approach because so much less was KNOWN about the threats! We NOW know how appropriate those precautions were!

90% of the encryption malware, no matter how it is spread, attacks storage. If remote storage is not mounted in a way that malware can use to encrypt the data, you avoid some of the likely attack vectors and limit likely damage of a successful exploit to single nodes rather than server data.

It is important to consider HOW you operate as part of your risk assessment, and make such changes as to support your operation while reducing the risk. That is AT LEAST as important as any anti-malware software.

It is also one of the most important things to teach a rookie! New users have no experience basis to decide "this means I have a hardware failure" or "that means that application is acting bad and must be replaced". They see something going wrong that did not go wrong yesterday and HAVE to jump to a conclusion to move forward. If they are lucky they then bring the symptoms to someplace where they can get good advice, diagnostic steps, revisions of their original conclusion, and ways to get to the right answers. LQ is at its best when it is that place!

It is not at its best when the only answer they get is "you should know better". If they knew better they would not come to us.

Tuka2 09-18-2021 11:34 AM

Thanks. I have much to learn. I know enough to know that I don't know enough. Thanks again.

shevegen 10-12-2021 07:15 PM

Perhaps it is a script that is being run. I noticed that with many old phpbb style forum
sites where accounts write strange things, then other accounts "reply" to the strange
thing (usually via a hyperlink to get people to click on it) - these are evidently written
by some script "tag-teaming". But a simpler explanation may perhaps be some strange setting
that induces people to assume they "were hacked"? Hard to say, IMO. May require more
specific examples to be shown.

> This is the tragedy of the 21st century, it seems to be getting worse, not better.

I think this is a general trend. Other sites take away traffic ... probably StackOverflow,
facebook, discord/discourse/whatsApp and so forth. Anyone remember the old doom9 forum
back in the days? Now it's more deserted compared to, say 15 years ago ... damn nostalgia
kicking in here. I am old as Grandpa Simpsons ... :(

