Smugness is an enemy of security.
Rootkits exist for Linux as well. This is eight year old information, but the principle should remain.
"There are many different versions of rootkits that perform basically the same function. Well known Linux rootkits include LRK, tOrn, and Adore and some Windows Rootkits include NTROOT, NTKap, and Nullsys...
Not only are rootkits designed to hide the presence of an attacker; they are also used to gain future administrator-level (root) access, launch distributed denial of service (ddos), or obtain financial or confidential information."
The article goes on to mention that rootkits overwrites common commands such as ps and netstat to hide rooted activity.
I'd agree that it is harder to get a nasty process to overwrite the MBR than it is for Windows, and that it is easier to detect afterward. Never the less, if the MBR is infected by any process on the machine (including Windows, if you are running dual boot) then you really have problems!