Malicious cryptocurrency mining tools can be found on any operating system these days. Although mobile devices and Windows are the primary targets in this regard, it seems Ubuntu users aren’t safe either. The Ubuntu Snap Store contained a cryptocurrency miner disguised as 2048buntu.
Ubuntu Cryptocurrency Miner is a Problem
While most people would assume cryptocurrency miners wouldn’t target Linux users all that often, the reality is seemingly a bit different. It is certainly true mobile and Windows users are far more prone to malicious cryptocurrency mining attempts these days, but Ubuntu is also of keen interest. More specifically, the first malicious cryptocurrency mining application was recently discovered in the Ubuntu Snap Store.
Known as 2048buntu, the application used mining code to mine the Bytecoin altcoin. It is the first time BCN has been of great interest to criminals, as they usually prefer to get involved with Monero mining. Bytecoin doesn’t offer the same degree of privacy and anonymity as one can find in Monero, but it seems there is an interest in this altcoin mainly because of its recent pump-and-dump schemes.
Even so, the 2048buntu application has been a big problem for Ubuntu users all over the world. It is evident the developers added this code on purpose, although it remains unclear if there was any nefarious intent. All applications on the Ubuntu Snap Store are open source, which means anyone can easily access, modify and redistribute their code. This is a reminder that open source software can’t be trusted automatically.
Distributing software containing a function unknown to the user is clearly nefarious. Whether or not it was ever turned on is unknown, but it’s beside the point. The application has no business mining cryptocurrency, as doing so is not one of its official functions. Nevertheless, it’s not malware, although some people may classify it as such.
Thankfully, it seems the 2048buntu application has been removed from the Ubuntu Snap Store. This is a positive development, as it seems plenty of users had reported the application to the Ubuntu developers. For the time being, it remains unclear if any Bytecoin has been mined by this particular tool, but it should have never been in the Snap Store to begin with.
For the time being, we’ll have to wait and see how this situation unfolds. It sets an interesting precedent for Linux users, although it’s possible no real damage was done. Unethical behavior is still a problem, and the Ubuntu Snap Store team will need to do a far better job of vetting new applications to avoid issues like these moving forward.