Report of dodgy crypto app in the snap store

diff -y ./snap_info.txt ../88c8888/snap_info.txt
name:      onis8                                              | name:      88c8888
summary:   desktop app                                          summary:   desktop app
publisher: Hayden Allen (ledger28)                            | publisher: sam kinog (ledgerrapp888)
store-url: https://snapcraft.io/onis8                         | store-url: https://snapcraft.io/88c8888
links:                                                        | license:   unset
  website:                                                    <
    - https://ledger.com                                      <
license: unset                                                <
description: |                                                  description: |
  Easily organize and interact with the services and items th     Easily organize and interact with the services and items th
  — all in one place. Designed for individuals who value inde     — all in one place. Designed for individuals who value inde
  full oversight, this platform provides a streamlined enviro     full oversight, this platform provides a streamlined enviro
  your tools, monitor performance, and explore new possibilit     your tools, monitor performance, and explore new possibilit
  confidence.                                                     confidence.

  Protected environment, designed for peace of mind               Protected environment, designed for peace of mind

  Your information is safeguarded by advanced protection syst     Your information is safeguarded by advanced protection syst
  updated to defend against modern cyber threats. Every actio     updated to defend against modern cyber threats. Every actio
  clearly communicated, helping you stay in full control whil     clearly communicated, helping you stay in full control whil
  secure operating space.                                         secure operating space.

  Total overview, crystal-clear insights                          Total overview, crystal-clear insights

  Access a powerful dashboard that unifies everything you car     Access a powerful dashboard that unifies everything you car
  visible at a glance. Track real-time changes in the service     visible at a glance. Track real-time changes in the service
  discover new options tailored to your needs, and seamlessly     discover new options tailored to your needs, and seamlessly
  digital world without switching apps.                           digital world without switching apps.

  Flexibility with no boundaries                                  Flexibility with no boundaries

  Use third-party features only when you want them. The app a     Use third-party features only when you want them. The app a
  choose providers, compare offerings, and access a wide ecos     choose providers, compare offerings, and access a wide ecos
  without giving up the freedom to decide exactly how you eng     without giving up the freedom to decide exactly how you eng

  Expand your capabilities                                        Expand your capabilities

  Browse a variety of add-ons, experiences, and integrations.     Browse a variety of add-ons, experiences, and integrations.
  your setup, unlock useful functions, and explore innovative     your setup, unlock useful functions, and explore innovative
  designed to adapt to your lifestyle.                            designed to adapt to your lifestyle.

  Beautiful organization of your personal collection              Beautiful organization of your personal collection

  Store, categorize, and showcase your unique digital items i     Store, categorize, and showcase your unique digital items i
  modern viewer. Keep everything structured and ready for qui     modern viewer. Keep everything structured and ready for qui
  whether for personal enjoyment or safe record-keeping.          whether for personal enjoyment or safe record-keeping.

  Designed for every device you use                               Designed for every device you use
notes:                                                          notes:
  private:     false                                              private:     false
  confinement: strict                                             confinement: strict
base:    core20                                                 base:    core20
snap-id: yC54i94XlQdzubvpxYwY1QqIigyet73I                     | snap-id: 4GOuSvBclUQ3zHXjo7XVq9hnSF72pJom
channels:                                                       channels:
  latest/stable:    1.0.1 2025-12-14 (1) 291MB -              |   latest/stable:    1.0.1 2025-12-13 (1) 291MB -
  latest/candidate: ^                                             latest/candidate: ^
  latest/beta:      ^                                             latest/beta:      ^
  latest/edge:      ^                                             latest/edge:      ^

James-Carroll · December 14, 2025, 9:31pm

It’s honestly at the point I feel we should be demanding strong identification checks for all accounts prior to any uploads at all. (And that this shouldn’t count as being “verified” per policy status either).

I like what we have going on overall, but these bad actors undermine the positive work everyone else does. Better to have a small collection of high quality snaps where people have shown some effort into getting approval to submit than to harbor these snaps persistently for months/years, each time they get lucky someone is harmed.

What’s the point of doxing myself to maintain some credibility of “I probably won’t hack you else jailtime” if the actual baddies can just pretend, and this is with my privacy mindset hat on, and living in the Online Safety Act world of which I despise, and aware of Androids future signing requirements; the long term damage here to community and developer side is worth short term pain.

DWD · December 14, 2025, 11:35pm

odysseus-k · December 15, 2025, 7:30am

Hi,

Thanks for flagging these. We’ve now fully processed the reported malicious snaps and have removed them from the Store.

Thanks,

Odysseus

popey · December 15, 2025, 7:59am

Thanks.

I have been reporting them via the form too, in case one gets to your team’s inbox faster than the other.

I want to enable you to resolve these issues as quickly and with as little stress as possible. So, is there a “best” way to do that? I ask because submitting the store form is a little “fire and forget”, with no feedback to me whether it’s actioned or not.

I appreciate that starting a thread on the forum is very public and perhaps irritating. But I guess, so is losing 500 grand of crypto to a scammy app

What’s the best thing to do here?

odysseus-k · December 15, 2025, 9:48am

Hi Alan,

The form you’ve been submitting is absolutely fine. You’re right that it can feel a bit “fire and forget” and unfortunately there’s no feedback loop there yet, but it is the correct intake path.

If you ever notice those snaps remaining in the store for e.g. more than a day, then raising a forum post like this one is a reasonable next step to add visibility and urgency. Thanks again for raising this and for doing so thoughtfully!

Thanks,

Odysseus

DWD · December 15, 2025, 4:58pm

I’ve just found 91 more instances of what I believe to be crypto-wallet info stealers. I have reported them all

mlathara · December 15, 2025, 11:32pm

@DWD Thanks for that list. Those snaps have been removed from the Store.