I'm not sure that the image is the only thing AI generated in this one.

I didn't catch a single novel detail about Perfectl to support the claim that it's one of the most advanced threats. I'm not saying it's not just that I didn't catch in this article why it is.

Maybe it's there among all the noise and I just missed it.

There's a lot of the usual stuff. Maybe the novelty is just having it all in one worm? Other worms effectively have the same impact since they usually phone home, anyway, and a human invokes each of those other tools, if able.

TL;DR: Worm targets Bitcoin, but isn't above using infected open source developer packages (citation missing though - would love to know which packages). Uses usual techniques for usual reasons.

Maybe the novelty is that a bunch of the usual manual steps are maybe being invoked automatically? It's not clear.

Edit: I also couldn't find a source for the claim of millions of infected servers. This one feels more like a consulting flier selling to inept CISOs, than Cybersecurity news.