I don't think Electrum servers can able to do that since Electrum only request for these data like address history and balances, block headers, UTXOs, etc.
There's no way that they can do or control your wallet.
How exactly did you create your wallet? Did you create your wallet somewhere else? I mean outside the Electrum wallet from that PC/Laptop?
If not, and you created your wallet on the same device, there's a possibility there's something in your PC that you don't know leaks your wallet private keys.
I'd like to know how you installed this Linux and where you downloaded it. Are you sure that you downloaded the Linux OS from a legit source?
Because if you downloaded it from somewhere other than the trusted source, there's a possibility it's already infected with malware. Scanning it with any antivirus won't work; that's why I don't download an OS randomly.
There are lots of free OS mods out there, but all of them are already infected with malware that can't be easily scanned by any antivirus.
If I want to use a wallet on a Linux-based OS, I am more comfortable using Tails, which has built-in Electrum. Electrum already provided a guide for this. If you are interested in the future, check their guide below.
-
https://github.com/spesmilo/electrum-docs/blob/master/tails.rstI have created the wallet on a Windows system years ago - see my post above.
The Debian OS (iso install. file) I have downloaded of course from the original Debian developer site debian.org - also signature-verified.
I now use offline signing and one wallet per address - so fuck the seed :-) Tails is also a good option I agree.
But what really driving me nuts is how the hack worked and why only once at this time coincidence? My old wallet seed and btc addresses and even the electrum password never changed in 5 years and any attacker could have stolen much more... I really think it is a combination of a glitch / vulnerability in Electrum together with a malicious server...