Malware Found In the Ubuntu Snap Store

An anonymous reader quotes a report from Linux Uprising: Oh, snap! Just because some packages are available to install directly from the Ubuntu Software Center doesn't make them safe. This is proved by a recent discovery of malware in some snap packages from the Ubuntu Snaps Store.

At least two of the snap packages, 2048buntu and hextris, uploaded to the Ubuntu Snaps Store by user Nicolas Tomb, contained malware. All packages by Nicolas have since been removed from the Ubuntu Snaps Store, "pending further investigations." The report comes from a bug which mentions that the 2048buntu snap package (and other packages by Nicolas Tomb) contains a hidden cryptocurrency miner inside.

*Nix needs a Zone Alarm equivalent

This is why Linux needs the equivalent of the Zone Alarm firewall. Something that will alert a desktop user every time a program first attempts to connect to the internet and allow the user to say yes or no to the attempt. If your firewall allows all outbound traffic by default you do no have a hope in hell of catching a malware infection...

If you've got such software then at least you know something nasty has managed to infect your machine as you'll spot it the first time it tries to "phone home"..

Re: *Nix needs a Zone Alarm equivalent

Most people block incoming by default, but not outgoing. The reason is simply convenience; if the desktop environment showed you a GUI popup asking permission every time an outgoing connection was attempted, it would be much easier for the average user to adopt. Pretty sure that's what the grandparent was talking about; if you still think its trivial, I'd love a link to instructions :)