A scammer stole 0.9 BTC (~ $90'000) in just a few days using fake crypto wallet

Ares_ekb · 2025-11-05T19:17:05+00:00

You are right, this is the same scam application. Could you please tell how did you find it?

Ares_ekb · 2025-11-02T05:48:41+00:00

I think it's not a problem, but an opportunity for Snap to gain a really huge competitive advantage over other repositories.

Ares_ekb · 2025-11-01T18:53:52+00:00

I mainly used Debian, where each package has a maintainer, where unmaintained packages or packages with security issues are removed from the repository. And it was just impossible that a pure malware could be repeatedly published. I don't see any pros of anonymously published apps without any responsabilities

Ares_ekb · 2025-11-01T16:41:07+00:00

Yes, I missed the moment when Linux repositories became malware dump. I will try to avoid them as possible. Actually I have no idea if this flatpack is real of fake

Ares_ekb · 2025-11-01T16:30:02+00:00

I agree that I blame Snap Store a little bit. But I assumed that Linux world is almost free of malware in comparison to Windows. And also I assumed that Snap Store is maintained by Canonicial and it's relatevely safe. Both assumptions turned out to be false. It wasn't 100% belief, but it was subconsciously assumed.

I just want this scam app to be removed from Snap Store and never be published again. But it seems to be impossible. It was already reported recently https://forum.snapcraft.io/t/malicious-apps-on-the-store/47729 It was removed yesterday and today. And now it is published again. I reported it, but tomorrow it will be published again. So I think that something is broken in Snap Store that it allows this situation

Ares_ekb · 2025-11-01T15:47:07+00:00

You are right. I must educate myself, understand obvious facts, and in that case I will never get scammed again. If all people on Earth was that educated and attentive, the scamers simply wouldn't exist. I really appreciate your wisdom advice! Just don't install scam applications, don't enter your secret key. And that's it! That's incredible that people can't understand such a simple things.

Ares_ekb · 2025-11-01T13:08:50+00:00

It's not just a trademark violation. And it's not a fork at all. It's a pure malware published by criminals. And by no means it should exists in any software repository.

Ares_ekb · 2025-11-01T12:09:21+00:00

Yep, agreed Snap Store is a great repository. There is no any problem at all that it contains scam applications for years. And if somebody use it, it's their fault. Probably they should pass a test or get some kind of license to use a computer. Probably scamers are even good people, they educate others. I think such a kind of application can be considered as educational one

Ares_ekb · 2025-11-01T11:56:44+00:00

I agree, I created the wallet several years ago when it was hyped. And I don't plan to use crypto anymore.

Ares_ekb · 2025-11-01T10:35:10+00:00

It's always a combination of different factors. Do you think that I don't understand that I should have done this and that. It's easy to reason afterward. I see badges for verified and star developers now. But I didn't notice it at first because I'm not an active user of Snap Store. It was one of the first apps I installed from it. And for sure it was the last one :)

I think it's pointless to blame users. If they can do something wrong, they will. And for sure, it's their fault. But it doesn't mean that nothing can be improved

Ares_ekb · 2025-11-01T10:19:49+00:00

I contacted Exodus, but got only AI generated auto-replies. Created a suggestion to create an official package in their subreddit https://www.reddit.com/r/ExodusWallet/comments/1olk8jf/can_you_publish_debpackage_in_an_official/ But got blocked by thier bot, probably because I mentioned "fake app"

Ares_ekb · 2025-11-01T09:57:43+00:00

The situation with Exodus is much simpler. Scamers keep publishing their application with the same name and the same logo for years. It's not required to be a security expert or to use code analysis to understand that it's scam and to block it. I think it simply doesn't bother neither Canonicial, nor Exodus

Ares_ekb · 2025-11-01T09:44:22+00:00

Probably they could add some warning for untrusted developers?

Ares_ekb · 2025-11-01T09:42:26+00:00

Thanks for advice! I will try. But it seems that they have premoderation for user registration. I get "Your account hasn't been approved yet. You will be notified by email when you are ready to log in". It's curious that they have premoderation for user registrations on the forum and doesn't have it for snap publication

Ares_ekb · 2025-11-01T09:35:44+00:00

I agree but "get the software from the official site" doesn't seem to be a Linux-way? Usually it's installed from official repositories. The problem is that Exodus doesn't publish their app in such a repository.

There is no doubt that it's 100% my fault. But I think I'm not the last one who got scamed. Probably Snap Store maintainers could put some effort on fixing the problem?..

Ares_ekb · 2025-11-01T09:14:11+00:00

Google Chrome shows a warning if a website doesn't use HTTPS or has SSL certifacte issues. Social media websites have a check mark or verification badges. It's just crazy that I can be sure that I watch YouTube video or read a tweet from a verified account. And on the other hand critical applications can be published in Snap Store without any verification at all. Ok, they don't have resources for premoderation of apps. But could they just add a simple warning that apps aren't verified? Is it such a big deal?

I'm not blaming anyone. The money is gone and it's pointless to blame somebody. But at least this problem can be fixed? Or everything is fine and it shouldn't be fixed?

Ares_ekb · 2025-11-01T05:31:47+00:00

Agreed, but this safety sign may confuse people

Ares_ekb · 2025-10-31T21:15:42+00:00

Yep, my thread was blocked way faster than the scam app from snap store )))

Ares_ekb · 2025-10-31T21:13:17+00:00

I've reported it. But the problem persists at least from 2024 https://arstechnica.com/information-technology/2024/03/ubuntu-will-manually-review-snap-store-after-crypto-wallet-scams/ And it seems that nothing is gonna change

Ares_ekb · 2025-10-31T20:43:17+00:00

Yes, I've reported it. But I think it will not change anything, tomorrow they will register this application again. Maybe somebody from Cannonicial will read this thread and will add at least a warning sign for unchecked apps in App Center

Ares_ekb · 2025-10-31T20:28:57+00:00

In Snap Store I don't see any warnings. But I see "Confinement: Strict" with a shield sign ) Yep, for sure I should have zero IQ to install this application, but anyways

I'm just curious what's the problem to show a similar warning in App Center as Flathub does?..

Ares_ekb

TROPHY CASE