It doesn't really matter, because it's orthogonal. Malware like this can be installed on a system through any exploit that provides sufficient access.

So there's two parts to defending against it: 1) finding and fixing any vulnerability that allows the installation of malware like this, and 2) since #1 is a never-ending task, knowing about this malware so you can look specifically for it and delete it when you find it.