Attackers Find a New Way to Share Malicious Snap Packages

by
hubie
from SoylentNews on (#733HB)

An Anonymous Coward writes:

https://distrowatch.com/dwres.php?resource=showheadline&story=20123

Alan Pope, a former Ubuntu contributor and current Snap package maintainer, has raised a concern on his blog about attackers sneaking malicious Snap packages into Canonical's package repository.

"There's a relentless campaign by scammers to publish malware in the Canonical Snap Store. Some gets caught by automated filters, but plenty slips through. Recently, these miscreants have changed tactics - they're now registering expired domains belonging to legitimate snap publishers, taking over their accounts, and pushing malicious updates to previously trustworthy applications. This is a significant escalation."

Details on the attack are covered in Pope's blog post.

Original Submission

Read more of this story at SoylentNews.

External Content
Source RSS or Atom Feed
Feed Location https://soylentnews.org/index.rss
Feed Title SoylentNews
Feed Link https://soylentnews.org/
Feed Copyright Copyright 2014, SoylentNews
Reply 0 comments