Linux users of the Snap Store, beware: attackers are pushing malware through some trusted apps

Linux Snap users have been warned about a new scam campaign where attackers are exploiting expired publisher domains to bypass trust signals and deliver malicious app updates. This campaign involves attackers registering expired domains, resetting passwords on Snap Store accounts, and pushing malware to previously trusted apps. The malicious updates often mimic cryptocurrency wallet applications, tricking users into entering their wallet recovery phrases, which are then transmitted to the attackers. Users are advised to avoid installing cryptocurrency wallet applications from app stores and to obtain them directly from official project websites. Snap publishers are also urged to keep their domain registrations up to date and enable two-factor authentication.