linux has varying levels of users. most commonly a normal user and a root user.
a normal user cant install system wide software or (normally cant) make system wide changes. for example format drives or change printer settings.
edit: you MUST be root or a user with permissions to install software to install software. this involves explicitly changing to that user, via a login and password. unlike windows where you can simply click “run as administrator” and the software installs. linux provides mechanisms to do so without leaving your current session.
most linux distros (differing versions depending on the vendor; redhat, suse, ubuntu;etc are vendors) do have software repositories in which software is vetted by the linux distro maintainers, similar to the google play or apple stores.
software from these stores in general must be installed using a package manager by the root user. this makes system wide changes.
you can install software as a normal user in your home folder (or more complexly anywhere you have permissions to write to) by several methods:
1: download the source code for the software and compile it yourself.
2: download precompiled software and follow directions to install to your home folder
3: download precompiled software that simply unzips to a folder and runs
viruses on linux do exist. typically it installs into your user folder with the permissions your user has.
note : in general YOU install the software, remote exploits (while they do exist) are rare.
most malware for linux are trojan horses ,malware that records or finds info and sends it elsewhere without your permission or knowledge.
however windows viruses will happily run on linux IF you have wine installed. wine is a compatibility layer that allows many windows programs to run.
edit: as a final note, if someone has physical access to and sufficient knowledge of your computer, you are hacked. this applies to all operating systems, and all security you may have in place. and yes , even those operating systems that claim to be “secure” and/or heavily encrypted.