To give just one example, this is the one that hit my mom:
https://en.wikipedia.org/wiki/CryptoLocker
As you can see, GNU/Linux distributions are explicitly immune to its vector
of infection.
My purely personal feeling is that GNU/Linux would have to have a
significantly larger install base before malicious actors would bother.
If that happened, my (again) simply personal feeling is that Trisquel would
be equally likely as other distributions to be vulnerable.
(The exception to this would be, say, if a binary blob in the non-free kernel
was somehow targeted.)
