SoylentNews

An Anonymous Coward writes:

https://distrowatch.com/dwres.php?resource=showheadline&story=20123 [distrowatch.com]

Alan Pope, a former Ubuntu [distrowatch.com] contributor and current Snap package maintainer, has raised a concern on his blog about attackers sneaking malicious Snap packages into Canonical's package repository.

"There's a relentless campaign by scammers to publish malware in the Canonical Snap Store. Some gets caught by automated filters, but plenty slips through. Recently, these miscreants have changed tactics - they're now registering expired domains belonging to legitimate snap publishers, taking over their accounts, and pushing malicious updates to previously trustworthy applications. This is a significant escalation."

Details on the attack are covered in Pope's blog post [popey.com].

Original Submission