A GitHub user going by the name “tarwirdur” reported an app (now removed) hosted on the Ubuntu Snap Store that contained hidden code for mining tokens. The malicious code was found in the 2048buntu app, a replica of the 2048 game that is also hosted on the Ubuntu Snap Store. Fortunately, the Ubuntu team was swift to act, deleting the app as well as all other submissions by the same author.
Malware Apps Axed From Snap Store
It wasn’t just the 2048buntu application that posed a severe risk to users who downloaded it on their PCs. Another app, called Hextris, was also found to have the same malicious code embedded. The uploaded apps were linked to a user who goes by the name Nicolas Tomb, and the email account “myfirstferrari(at)protonmail.com” appeared in the app’s source code.
It is impossible at the moment to determine how many users had downloaded the packages before the apps were deleted. Unlike the Google Play Store and the Apple Store, the Ubuntu Snap Store doesn’t display install counts.
Though the code isn’t designed to steal personal information of any sort, nor does it create a backdoor for cyber attackers, it is still able to leverage a computer system’s processing power and cost the victim additional electricity usage.
Cryptojacking’s Increasing Threat
In response to the situation, the Ubuntu team stated, “At least two of the snap packages, 2048buntu and Hextris, uploaded to the Ubuntu Snaps Store by user Nicolas Tomb, contained malware. All packages by Nicolas have since been removed from the Ubuntu Snaps Store, ‘pending further investigations.’” as reported on LinuxUprising.
The situation isn’t peculiar to the Ubuntu Snap Store. Hundreds of malicious apps also go on other platforms, such as the Google Play Store and the Apple Store, on a daily basis.
It is clear that the current auto-approval system on these platforms is not adequate to protect users. As such, these platforms probably need to take a hands-on approach to the approval process, testing every app uploaded to the platform to make sure it is not harmful.