The latest event on this topic from @popey 's blog:
https://popey.com/blog/2024/03/exodus-wallet-part-three/
And it looks like there are more that have popped up since then:
I can only imagine the difficulties of managing everything going on behind the scenes for such a huge platform…but I worry that there is a “perfect is the enemy of progress” situation going on here. The conceptually holistic and 100% accurate process for distinguishing legit from scam apps doesn’t need to exist in order for the most basic checks to be in place.
Some of those could be filtering/moderation, like holding back new app submissions for manual review if they hit a list of “likely targeted for scams” words, and some could be security through transparency, such as exposing more developer/publisher information (like a verified email address) so users can make more informed judgment calls.
Right now, with such limited information available to a user via the Snap Store (web or app), there is little that community users can do to make good decisions themselves about what is safe to install from the store, and maintaining filtering/moderation within Canonical seems to be a struggle to implement…without either of those, IMO it’s tough to be an advocate for the platform in the desktop/app store context.