Canonical, the company behind the Ubuntu Linux distro, created the Snap packaging format to streamline the development and deployment of software for PC, server, mobile, and IoT devices running Ubuntu. The format premiered with Ubuntu 16.04 LTS, back in 2016. Since then, Snaps have made their way to other Linux distros, and now even Spotify is being distributed as a Snap.
Aside from making it easier for developers to distribute their apps across many Linux distros without having to create a package for each one, Snaps are also expected to be more secure than apps installed through other packaging systems. For example, each Snap is isolated from the system and cannot interfere with it or with other Snaps.
Unfortunately, this isolation has not prevented malware from reaching the Ubuntu Snap Store. As reported by GitHub user 'tarwirdur' last Friday, two apps that had been available from the Store since late April contained a cryptocurrency miner, ByteCoin, disguised as the "systemd" daemon, along with a script to auto-load it at system startup.
Canonical has since "removed all applications from this author [from the Ubuntu Snap Store] pending further investigations". It is not clear how many users were affected by the malware, though, since neither the Snap Store nor Canonical provides such information.
As pointed out by OMG! Ubuntu!, Snaps uploaded to the Store are currently only checked for installation issues among the Linux distros that support the packaging system, without any test for malware or suspicious activities.
Even though those two apps do not seem capable of directly harming the system or other applications, due to the very nature of the Snap packaging system, they are malware and should not have been allowed into the Ubuntu Snap Store in the first place.
Source: GitHub via OMG! Ubuntu!