Malware Found In the Ubuntu Snap Store

An anonymous reader quotes a report from Linux Uprising: Oh, snap! Just because some packages are available to install directly from the Ubuntu Software Center doesn't make them safe. This is proved by a recent discovery of malware in some snap packages from the Ubuntu Snaps Store.

At least two of the snap packages, 2048buntu and hextris, uploaded to the Ubuntu Snaps Store by user Nicolas Tomb, contained malware. All packages by Nicolas have since been removed from the Ubuntu Snaps Store, "pending further investigations." The report comes from a bug which mentions that the 2048buntu snap package (and other packages by Nicolas Tomb) contains a hidden cryptocurrency miner inside.

Re:*Nix needs a Zone Alarm equivalent

I've never cared much for ufw. It's basically just a GUI for setting rules for iptables. When I'm working with iptables, I'd rather set them manually through a shell.

I believe GP just meant something that would give a notification when a program tried to communicate out that's not on the "approved" list.

I'd much prefer something along the lines of atguard, before Symantec raped it. The feature I liked from atguard was the "Rule Assistant" that would give a popup when something didn't match one of the rules. The popup would show you the port, ip address, application, and direction of communication attempt and allow you to setup firewall rules based on that communication attempt. This would help limit outbound connections to specific programs and get notifications when malware is trying to phone home.

The main drawback to this is having to setup firewall rules for each program. Also, it could get fairly cumbersome if you limit the program by MD5, since you'd have to update the hash every time you update a program.