Linux users targeted by crypto thieves via hijacked apps on Snap Store
Cryptocurrency thieves have found a new way to turn trusted software packages for Linux on the Snap Store into crypto-stealing malware, Ubuntu contributor and former Canonical developer Alan Pope warned.
SnapScope web app identifies malicious snaps (Source: Alan Pope)
Instead of creating new accounts on this Canonical-run package repository, the attackers are taking over expired web domains and associated email servers tied to existing Snap Store publishers, and using that access to hijack their Snapcraft accounts and push malicious updates to previously benign packages.
Attackers’ newest approach
Like other popular software package repositories, the Snap Store has been targeted by malware peddlers for years.
Initially,…
