The cruder the malware, the better your chances of running successfully in Wine.
Because throwing together some simple executable using inbuild windows functions is much easier than programming something well-build and hidden based on deeper system layers. So your random “I just encrypted all your files because you clicked this .exe, now send me bitcoin to get it back”-bullshit might work well on wine (which is why wine should be run as it’s own user with no priviledges to access anything but your Windows programs).
The cruder the malware, the better your chances of running successfully in Wine.
Because throwing together some simple executable using inbuild windows functions is much easier than programming something well-build and hidden based on deeper system layers. So your random “I just encrypted all your files because you clicked this .exe, now send me bitcoin to get it back”-bullshit might work well on wine (which is why wine should be run as it’s own user with no priviledges to access anything but your Windows programs).