Close Menu
AsiaTokenFundAsiaTokenFund
  • Home
  • Crypto News
    • Bitcoin
    • Altcoin
  • Web3
    • Blockchain
  • Trading
  • Regulations
    • Scams
  • Submit Article
  • Contact Us
  • Terms of Use
    • Privacy Policy
    • DMCA
What's Hot

Circle’s IPO attracts major interest, set for $7.2B valuation

June 2, 2025

POL token flashes recovery signals as Polygon NFTs sales hit $2B

June 2, 2025

Ethereum Poised For A 5-Figure Breakout – Volatility Is Shaking ‘Weak Hands’

June 2, 2025
Facebook X (Twitter) Instagram
Facebook X (Twitter) YouTube LinkedIn
AsiaTokenFundAsiaTokenFund
ATF Capital
  • Home
  • Crypto News
    • Bitcoin
    • Altcoin
  • Web3
    • Blockchain
  • Trading
  • Regulations
    • Scams
  • Submit Article
  • Contact Us
  • Terms of Use
    • Privacy Policy
    • DMCA
AsiaTokenFundAsiaTokenFund

Ubuntu will manually review Snap Store after crypto wallet scams

0
By Aggregated - see source on March 28, 2024 Scams
Share
Facebook Twitter LinkedIn Pinterest Email
Enlarge / One thing you can say about this crypto wallet: You can’t confuse it for any other.

Getty Images

The Snap Store, where containerized Snap apps are distributed for Ubuntu’s Linux distribution, has been attacked for months by fake crypto wallet uploads that seek to steal users’ currencies. As a result, engineers at Ubuntu’s parent firm are now manually reviewing apps uploaded to the store before they are available.

The move follows weeks of reporting by Alan Pope, a former Canonical/Ubuntu staffer on the Snapcraft team, who is still very active in the ecosystem. In February, Pope blogged about how one bitcoin investor lost nine bitcoins (about $490,000 at the time) by using an “Exodus Wallet” app from the Snap store. Exodus is a known cryptocurrency wallet, but this wallet was not from that entity. As detailed by one user wondering what happened on the Snapcraft forums, the wallet immediately transferred his entire balance to an unknown address after a 12-word recovery phrase was entered (which Exodus tells you on support pages never to do).

Pope takes pains to note that cryptocurrency is inherently fraught with loss risk. Still, Ubuntu’s App Center, which presents the Snap Store for desktop users, tagged the “Exodus” app as “Safe,” and the web version of the Snap Store describes Snaps as “safe to run.” While Ubuntu is describing apps as “Safe” in the sense of being an auto-updating container with runtime confinement (or “sandboxed”), a green checkmark with “Safe” next to it could be misread, especially by a newcomer to Ubuntu, Snaps, and Linux generally.

Advertisement

More than that, Pope’s post points out that writing, packaging, and uploading the Snap to Ubuntu’s store results in an app that is “immediately searchable, and available for anyone, almost anywhere to download, install and run it” (emphasis Pope’s). There are, he noted, “No humans in the loop.”

Mark Shuttleworth, founder of Ubuntu and CEO of Canonical, responded to a related thread on whether crypto apps should be banned entirely. “I agree that cryptocurrency is largely a cesspit of ignoble intentions, even if the mathematics are interesting,” Shuttleworth wrote. At Ubuntu, it was “fair to challenge ourselves” to offer additional safety measures, “even if they will never be perfect.” Making apps safer for people vulnerable to social engineering is “a very hard problem but one I think we can and should engage in,” Shuttleworth wrote.

He did not, however, agree that cryptocurrency apps should be broadly banned.

After what Shuttleworth described as “a quiet war with these malicious actors for the past few months” (which was, according to Pope, ongoing as of earlier this month), Snaps are indeed changing.

At the Snapcraft forums, Holly Hall, product lead for Ubuntu’s backing services company Canonical, wrote last week about a new policy of manual review for all new Snap registrations. Engineering teams will review apps and reach out to publishers to verify names and intents. A name that is “suspected as being malicious or is crypto-wallet-related” will be rejected. A policy regarding how to properly publish a crypto wallet in the Snap store is forthcoming, Hall wrote.

As noted by The Register, a different sandboxed app platform (store), Flathub, recently made related changes to its validation process. Flathub now flags apps that have made notable changes to permission requests or package names. Open software repositories have long faced issues with malicious look-alike uploads, including the PyPI index for Python programming.

Ars has reached out to Canonical for comment and will update this post if we receive a response.

Credit: Source link

Share. Facebook Twitter Pinterest LinkedIn Tumblr Email

Related Posts

US Treasury sanctions Philippines tech firm over aiding $200 million pig butchering spree

May 30, 2025

Trader loses $2.5M USDT after falling for address poisoning scam twice

May 26, 2025

Creator of over 100 memecoins says rug pulls are the ‘easiest way to make money’

May 18, 2025
Leave A Reply Cancel Reply

What's New Here!

Circle’s IPO attracts major interest, set for $7.2B valuation

June 2, 2025

POL token flashes recovery signals as Polygon NFTs sales hit $2B

June 2, 2025

Ethereum Poised For A 5-Figure Breakout – Volatility Is Shaking ‘Weak Hands’

June 2, 2025

Singapore Cracks Down on Unlicensed Crypto Firms with Strict New Rules

June 2, 2025
AsiaTokenFund
Facebook X (Twitter) LinkedIn YouTube
  • Home
  • Crypto News
    • Bitcoin
    • Altcoin
  • Web3
    • Blockchain
  • Trading
  • Regulations
    • Scams
  • Submit Article
  • Contact Us
  • Terms of Use
    • Privacy Policy
    • DMCA
© 2025 asiatokenfund.com - All Rights Reserved!

Type above and press Enter to search. Press Esc to cancel.

Ad Blocker Enabled!
Ad Blocker Enabled!
Our website is made possible by displaying online advertisements to our visitors. Please support us by disabling your Ad Blocker.