According to a report published by Canonical, some users have encountered malicious packages in the Snap Store. After checking, these packages were removed and can no longer be installed.
In this regard, it has also announced a temporary suspension of the use of the automatic verification system for packages published on the Snap Store. In the near future, adding and registering new packages will require manual review before publishing. This change will not affect updates to existing packages.
It should be noted that incidents with malicious packages being uploaded to the Snap Store have happened before; for example, in 2018, packages containing hidden code for mining cryptocurrencies were identified in the Snap Store. This time, problems were identified in the ledgerlive, ledger1, trezor-wallet and electrum-wallet2 packages, published under the guise of official packages from crypto wallet developers, but having nothing to do with their official developers and containing malicious code for stealing cryptocurrencies.
Message about the need to urgently remove packages
Source: linux.org.ru