To be fair, the cited (and likely incomplete) list from the summary is "compromise servers and devices running platforms like Drupal, WordPress, Magento, Jetspeed, Exarid, AirOS." The takeaway here is pretty much this: widespread deployment of shitty PHP and Java apps strikes again
This isn't a problem of the "widespread deployment of shitty PHP and Java apps". The vulnerability which this Trojan exploits is CVE-2014-3704 and was patched by Drupal Security Team on the 15th of October in 2014
The circumstances and agents which have led to this Trojan exploiting Linux systems and Drupal frameworks in the wild is, as with many such things, are multiple and varied. They include installations that are underresourced, shops with critical dependencies that cannot easily upgrade, web apps that at first and second glance do not have interfaces outside an intranet, etc. etc. and so on and so forth
The key is to stop pointing fingers and laying blame, unless the fingers point to the creators and distributors of the malware. The exploitation and abuse of computer infrastructure is part of territory. Blaming failures on the vulnerable is a sysadmin's version of victim-blaming and does little to mitigate the problem and much to generate community dysfunction.
Instead of finger pointing, spread the word, inform your unknowing and unwitting colleagues, train junior developers about how to remain secure for multiple computing environments with complex layers of computing infrastructure.
Our great-great-great-great grandchildren will thank you.