The trojan is populated via SSH, so it is not really an infection, but rather unauthorized remote access. This applies only to raspberries exposing SSH service to the public, either assigned public IP directly of using port forwarding from your ISP router.
Raspbian system (now called Raspberry OS) is provided with default user account and default password. It also warns a user of a security threat if SSH is enabled and pi account password is unchanged by a user. It leaves up to user decision what to do about it and Astroberry doesn't change this configuration. Well, it used to... up to version 2.0.2 as it disabled pi account by default for security reasons. Based on users' request I reverted it to default Raspbian behaviour in version 2.0.3, so now the pi account is enabled.
Just to clarify on this issue, it is not a vulnerability specific to Astroberry, but any linux operating system running on Raspberry Pi with default passwords, specifically Raspbian using pi/raspberry as default credentials.

Read More...