From now on, all new apps added to the Snap Store will be manually reviewed by the Canonical engineering team. In addition, the developers of these apps repository their apps.
The news was confirmed by Holly Hall, head of product at Canonical, a company that provides commercial support and services for Ubuntu and related projects.
Snap Store is an app repository that holds containerized Snap apps for the Ubuntu Linux distribution. Apparently, this store was under constant attack from malicious apps, mainly fake crypto wallets. Because several people are suffering severe financial hardship as a result of falling prey to these apps, Canonical has decided to take the drastic step of manually reviewing every app it receives.
Misleading and too flexible
according to ars technica, former Canonical and Ubuntu staffer Alan Pope recently described an incident in which a person lost 9 Bitcoins (more than $600,000 at this time). They were looking for Exodus Wallet, a well-known and popular cryptocurrency wallet available on various platforms. They found it on the Snap Store, but unfortunately it was a fake.
As soon as they entered the 12-word recovery phrase into their wallet, the funds were transferred to another address and lost forever. Although the crypto industry is plagued by fraudsters and inherently risky, Pope argues that there are things Canonical can do to limit that risk. For example, creating a Snap, packaging it, and uploading it to the Ubuntu Store creates an app that is “instantly searchable and can be downloaded, installed, and run by anyone almost anywhere.” No humans are involved. ”
Additionally, apps were tagged as “safe” in Ubuntu's App Center, where desktop users can browse the Snap Store. The “safe” checkmark referred to something entirely different, but it's easy to see how some people might have been misled, the pope added.
As a result, the engineering team reviews the app and reaches out to the publisher. Anyone with a name “suspected to be malicious or associated with a cryptocurrency wallet” will be rejected. Canonical is said to be drafting a policy regarding the creation and publication of cryptocurrency wallets.
