I think when people say it is a smaller target for virii, they are talking about an actual virus such as ransomware, crypto miner, adware, trojans, etc. I have zero doubt these types of virii are more targeted on Windows platforms. Linux servers on the other hand are indeed going to be the largest target for exploits. The primary mechanism by which a Linux server is compromised is going to be via an exploit, not an actual virus. That’s not to say they don’t exist. I administer hundreds of Linux servers in several data centers. I don’t believe I’ve ever come across an actual virus in the last decade or so, but do deal with exploit and brute force attempts nonstop. Perhaps this is a matter of semantics. I don’t consider the tools and methods used to exploit systems as a virus.