I've had a quick look through the JavaScript and from what I can see it only really tried to do anything on Windows.
Just guessing here but I would have thought that they would run detection scripts against the connecting browser to identify it and the OS, and if they have an exploit for that ...