The vigilant user, known by the nickname Tarwirdur, drew attention to the hidden crypto-currency miner , who was present in the 2048buntu application (clone of the popular 2024 game) on the Ubuntu Snap Store.
Miner disguised himself as a systemd and extracted Bytecoin (BCN) currency for an account tied to the mail address [email protected] The code that caused suspicion from the user can be seen below.
After reacting to the message Tarwirdur, the administration of Ubuntu Snap Store quickly removed the application from the catalog, thanking the supervisory user. As it turned out, the application belonged to the developer Nicholas Tomb, and while his other packages were also excluded from the Ubuntu Snap Store before the investigation was completed.
Since there are no download counters and settings in the Ubuntu Snap Store, the number of affected users is unknown. Moreover, anyone can add their own snap-package to the directory, in essence. Unlike official Google or Apple directories, snap-packages do not undergo a multi-step security check