I'm not aware of any *nix based mining malware (could be wrong of course) - can you give an example?
The reporting on this issue often bothers me (not your post tho!) because they typically conflate browser-based Javascript miners with actual malware. You're describing the worst of the worst, malware that persists on your device and is difficult to detect with signature based approaches like antivirus since there's no code written to the filesystem. That's nasty stuff!
I'm very much an advocate of browser-based mining however, although the current offerings (esp. Coinhive) are really awful. Traditional advertising brokering is such a common vector for malware infections, supports criminal botnet operators, cheats content owners out of revenue due to high fraud rates and so much more. The site owners really have no control over who gets to place code on their page as it is brokered out by 3rd parties in real time.
Voluntary, or at least clearly disclosed mining during the time you browse the site represents a safe way for site owners to monetize their content without exposing their readers to the risks of the current ad platforms. Not to mention the fact that on mobile devices most of the bandwidth is often used up by unwanted ad content, even if it isn't malicious.
Just my two cents worth. I don't expect anyone to agree, so flame on!
https://blog.trendmicro.com/trendlabs-security-intelligence/cryptocurrency-miner-distributed-via-php-weathermap-vulnerability-targets-linux-servers/