Former Canonical Developer Advocate Warns Snap Store Isn't Safe After Slow Responses to Malware Reports (linuxiac.com)
(Sunday January 25, 2026 @03:44AM (EditorDavid)
from the Snap-judgment dept.)
- Reference: 0180651518
- News link: https://linux.slashdot.org/story/26/01/24/2332205/former-canonical-developer-advocate-warns-snap-store-isnt-safe-after-slow-responses-to-malware-reports
- Source link: https://linuxiac.com/linux-snap-users-warned-as-attackers-push-malware-through-old-trusted-apps/
An anonymous reader shared [1]this article from the blog Linuxiac
> In a blog post, Alan Pope, a longtime Ubuntu community figure and former Canonical employee who remains an active Snap publisher... [warns of] a [2]persistent campaign of malicious snaps impersonating cryptocurrency wallet applications . These fake apps typically mimic well-known projects such as Exodus, Ledger Live, or Trust Wallet, prompting users to enter wallet recovery phrases, which are then transmitted to attackers, resulting in drained funds.
The perpetrators had originally used similar-looking characters from other alphabets to mimic other app listings, then began uploading "revisions" to other innocuous-seeming (approved) apps that would transform their original listing into that of a fake crypto wallet app.
But now they're re-registering expired domains to take over existing Snap Store accounts, which Pope calls "a significant escalation..."
> I worked for Canonical between 2011 and 2021 as an Engineering Manager, Community Manager, and Developer Advocate. I was a strong advocate for snap packages and the Snap Store. While I left the company nearly five years ago, I still maintain nearly 50 packages in the Snap Store, with thousands of users... Personally, I want the Snap Store to be successful, and for users to be confident that the packages they install are trustworthy and safe.
>
> Currently, that confidence isn't warranted, which is a problem for desktop Linux users who install snap packages. I report every bad snap I encounter, and I know other security professionals do the same — even though doing so results in no action for days sometimes... To be clear: none of this should be seen as an attack on the Snap Store, Canonical, or the engineers working on these problems. I'm raising awareness of an issue that exists, because I want it fixed... But pretending there isn't a problem helps nobody.
[1] https://linuxiac.com/linux-snap-users-warned-as-attackers-push-malware-through-old-trusted-apps/
[2] https://blog.popey.com/2026/01/malware-purveyors-taking-over-published-snap-email-domains/
> In a blog post, Alan Pope, a longtime Ubuntu community figure and former Canonical employee who remains an active Snap publisher... [warns of] a [2]persistent campaign of malicious snaps impersonating cryptocurrency wallet applications . These fake apps typically mimic well-known projects such as Exodus, Ledger Live, or Trust Wallet, prompting users to enter wallet recovery phrases, which are then transmitted to attackers, resulting in drained funds.
The perpetrators had originally used similar-looking characters from other alphabets to mimic other app listings, then began uploading "revisions" to other innocuous-seeming (approved) apps that would transform their original listing into that of a fake crypto wallet app.
But now they're re-registering expired domains to take over existing Snap Store accounts, which Pope calls "a significant escalation..."
> I worked for Canonical between 2011 and 2021 as an Engineering Manager, Community Manager, and Developer Advocate. I was a strong advocate for snap packages and the Snap Store. While I left the company nearly five years ago, I still maintain nearly 50 packages in the Snap Store, with thousands of users... Personally, I want the Snap Store to be successful, and for users to be confident that the packages they install are trustworthy and safe.
>
> Currently, that confidence isn't warranted, which is a problem for desktop Linux users who install snap packages. I report every bad snap I encounter, and I know other security professionals do the same — even though doing so results in no action for days sometimes... To be clear: none of this should be seen as an attack on the Snap Store, Canonical, or the engineers working on these problems. I'm raising awareness of an issue that exists, because I want it fixed... But pretending there isn't a problem helps nobody.
[1] https://linuxiac.com/linux-snap-users-warned-as-attackers-push-malware-through-old-trusted-apps/
[2] https://blog.popey.com/2026/01/malware-purveyors-taking-over-published-snap-email-domains/
Who'd have thought... (Score:4, Interesting)
... that bypassing the long established and fairly well working path of distributions with something that's essentially "download a binary and run it" with no actual reviews could actually lead to something that's less secure than what you had before.
Re: (Score:2)
Neither option is very good. Linus spoke about how much effort is wasted in traditional repos, and how they cause version and dependency issues. That's part of the reason why things like Docker are so popular.
Snaps may be crap, but so are all the other options.