Fake cryptocurrency wallet apps target Linux users with cryptostealers

Cybernews reports that illicit apps in the Canonical Snap Store spoofing the widely used crypto wallets Exodus, Trust Wallet, and Ledger Live have been used to distribute crypto-stealing malware to Linux users.

The techniques used to publish the apps have grown more sophisticated, according to an analysis by Anchore Director of Developer Relations Alan Pope. After initial attempts to use convincing storefronts and innocuous snap names were thwarted, attackers have most recently ventured to hijack reputable publishers’ domains whose registrations had already expired.

“I’ve identified at least two domains this has happened with recently: storewise.tech and vagueentertainment.com. There are almost certainly more. This is a significant escalation,” said Pope, who urged users to download crypto apps from their official project sites to avoid compromise.

Such findings come amid intensified cyber threats against open-source package ecosystems, with npm packages recently reported to have been impacted by the sophisticated and self-propagating Shai-Hulud worm.