Going forward, all newly registered apps on the Snap Store will be manually reviewed by Canonical's engineering teams. Developers of these apps will also have to accept a background check and be verified if they want their apps to be available on the Snap Store.
This news was confirmed by Holly Hall, Product Manager at Canonical, the company that provides support and commercial services for Ubuntu and related projects.
Snap Store is an application repository containing containerized Snap applications for the Ubuntu Linux distribution. Apparently, this store has been constantly bombarded with malicious apps, most of which are fake cryptocurrency wallets. With a few people experiencing major financial hardship as a result of falling prey to these apps, Canonical decided to take the radical step of manually reviewing any incoming apps.
Misleading and very flexible
According to Ars Technica, Alan Pope, a former Canonical and Ubuntu employee, recently described an incident in which someone lost 9 bitcoins (over $600,000 at the moment). They were looking for Exodus Wallet, which is a well-known and popular cryptocurrency wallet available for different platforms. They found one in the Snap Store, but unfortunately, it was fake.
Once the 12-word recovery phrase was entered into the wallet, the funds were transferred to a different address and thus disappeared forever. While the cryptocurrency industry is riddled with scammers and is inherently risky, there are things Canonical can do to reduce the risks, Pope says. For example, writing, packaging, and uploading a Snap to Ubuntu results in an application that is “instantly searchable and available for anyone, almost anywhere, to download, install, and run. There are no humans in the loop.”
Furthermore, the Ubuntu App Center, where desktop users can browse the Snap Store, has marked the app as “secure.” Pope added that this “safe” check mark was referring to something completely different, but it is easy to see how some people were misled.
As a result, engineering teams will now review apps and communicate with publishers. Anyone “suspected of being malicious or associated with a cryptocurrency wallet” in their name will be rejected. Canonical is reportedly drafting a policy for creating and publishing cryptocurrency wallets.