Snap Store Uncovers Malicious Crypto Apps

Security Alert: Fake Cryptocurrency Wallets Discovered on Snap Store

In a recent discovery on the application catalog Snap Store, in collaboration with Canonical for Ubuntu users, it has been revealed that 10 applications posing as official cryptocurrency wallets are actually fake and potentially harmful. These applications were designed to mimic popular wallets like Exodus, TronLink, and Metamask, but were not created by the original developers.


Furthermore, these fake applications were marked as “SAFE” in the catalog, giving users a false sense of security that they were verified and safe for use.


The fake applications were published by a user named Digisafe00000 under names like “Exodus-Build-96567” and were disguised to look like legitimate cryptocurrency wallets. Despite their removal from the Snap Store, they resurfaced under a new user named CodeGuard0x0000 with slightly altered names.


A similar incident in February resulted in the theft of about 9 bitcoins, approximately $500,000, from a user who unknowingly installed a fake Exodus client. The creators of these malicious applications are able to evade the automatic checks in the Canonical forum, prompting discussions among participants to consider banning unverified cryptocurrency-related applications from the Snap Store.

These fake wallets are essentially dummy applications that display web pages from external sites, using wrappers based on Webkit GTK to simulate desktop applications. They only function to import keys and restore wallets, while attempts to create new wallets result in errors.

/Reports, release notes, official announcements.