hodler

21 Jan 2026, 15:40

Hackers Hijack Snap Store Accounts to Push Crypto-Stealing Malware on Linux

Cryptocurrency hackers are exploiting trusted Linux software to steal digital assets, using a new technique that turns legitimate Snap Store packages into malware. Key Takeaways: Hackers are exploiting trusted Snap Store packages to steal cryptocurrency by hijacking existing publisher accounts. The attacks rely on expired domains and email addresses to push malicious updates. The incidents reveal weaknesses in the platform’s trust and security model. Rather than creating fresh accounts on the Snap Store, which is operated by Canonical, attackers are now taking over existing publisher accounts, according to a warning from Ubuntu contributor and former Canonical developer Alan Pope. The method relies on identifying expired web domains and email addresses linked to long-standing Snap Store developers, registering those domains, and then using the recovered access to hijack Snapcraft accounts. Attackers Turn Legitimate Packages Malicious Once inside, the attackers push malicious updates to packages that were previously benign, catching users off guard through automatic updates and long-established trust signals. The Snap Store, like other major package repositories, has long been a target for malware campaigns. Early efforts were relatively unsophisticated, with scammers publishing fake crypto wallet applications under newly created accounts. When those attempts became easier to detect, attackers began disguising malicious apps using lookalike characters from other alphabets to evade filters. According to Pope, the tactic then evolved into a bait-and-switch approach. Attackers would publish harmless software under neutral names such as “lemon-throw” or “alpha-hub,” often posing as simple games. After approval and a period of inactivity, a follow-up update would quietly introduce a fake crypto wallet designed to steal funds. The latest development raises the stakes. In at least two confirmed cases, attackers took control of expired domains once owned by legitimate Snap publishers and used them to distribute wallet-stealing malware through automatic updates. A new Snap Store scam campaign abuses expired publisher domains to bypass trust signals and deliver malicious app updates. https://t.co/nWL9HGXACe #Linux #OpenSource — Linuxiac (@linuxiac) January 19, 2026 The affected applications appeared normal on the surface but were built to harvest wallet recovery phrases and transmit them to attacker-controlled servers. By the time users noticed suspicious behavior, funds and sensitive data were already compromised. Canonical has since removed the malicious snaps, but Pope warned that the response highlights deeper weaknesses in the platform’s trust model. He said domain takeovers undermine publisher longevity as a safety signal and called for additional safeguards, including monitoring domain expirations, enforcing stronger account verification for dormant publishers, and requiring mandatory two-factor authentication. Security Researcher Warns of Delayed Snap Store Takedowns Pope also noted delays in removing reported malicious snaps, sometimes stretching over several days. He advised users to exercise extra caution when installing cryptocurrency wallets on Linux and to consider downloading them directly from official project websites instead of app stores. To help users assess risk, Pope created SnapScope, a web-based tool that flags snaps as suspicious or malicious before installation. He also urged developers to keep domain registrations active and secure Snapcraft and email accounts with two-factor authentication. According to Chainalysis, illicit cryptocurrency addresses received a record $154 billion in 2025 , a sharp increase from the year before. In another case, US prosecutors have charged a 23-year-old Brooklyn resident , Ronald Spektor, with stealing roughly $16 million in cryptocurrency from around 100 Coinbase users through an alleged phishing and social engineering scheme. The post Hackers Hijack Snap Store Accounts to Push Crypto-Stealing Malware on Linux appeared first on Cryptonews .

21 Jan 2026, 15:23

Hackers hijack Snap Store accounts to steal crypto from Linux users

Linux users face a new threat as cybercriminals exploit a critical vulnerability in Canonical’s Snap Store, hijacking trusted developer accounts to distribute cryptocurrency-stealing malware disguised as legitimate wallet applications. SlowMist’s chief information security officer, 23pds, who has the X handle @im23pds, warned that attackers are monitoring developer accounts whose associated domain names have expired. How does the Snap Store attack work? 23pds wrote , “Linux users beware: A new type of attack is raging in Snap Store — expired domains have been taken over by hackers and turned into backdoors to steal users’ crypto assets. The tampered applications are disguised as well-known crypto wallets such as Exodus, Ledger Live, or Trust Wallet, tricking users into entering their ‘wallet recovery seed phrase,’ resulting in complete theft of funds.” Once a target domain expires and becomes available for registration, the attackers immediately purchase it, then use the email address linked to that domain to trigger password resets on the Snap Store. This grants them complete control over long-established, trusted publisher identities without raising immediate suspicion. At least two developer accounts have been confirmed as compromised using this method, with domains storewise.tech and vagueentertainment.com falling into the attackers’ hands. The malicious actors, believed to be based in Croatia according to Alan Pope, a former Canonical developer and Ubuntu contributor, have been conducting campaigns against Snap Store users for approximately two years. The domain takeover is the latest and most concerning evolution of the action of these bad actors, as it now means that “legitimate software installed and trusted by users for years could have malicious code injected by hackers through official update channels overnight.” According to 23pds, “The tampered applications are usually disguised as well-known crypto wallets such as Exodus, Ledger Live, or Trust Wallet, with interfaces almost indistinguishable from the genuine versions.” He stated, “After the app launches, it first connects to a remote server to verify the network, then immediately prompts the user to enter their ‘wallet recovery mnemonic phrase.’ Once the user submits it, these sensitive details are instantly transmitted to the attacker’s server, resulting in the theft of funds.” Victims often discover that their funds have been stolen before noticing that anything is wrong because the attack exploits long-standing trust relationships. What are major platforms doing to curtail domain resurrection attacks? GitHub, PyPI, and npm have all experienced similar domain resurrection attacks . A 2022 academic study identified over 2,800 npm developer accounts configured with email addresses whose domains had subsequently expired, highlighting the scale of potential vulnerability. In June 2025, the Python security team removed more than 1,800 expired email addresses from developer accounts, forcing developers to re-verify their credentials with active domains upon their next login. The problem stems from what security experts call internet or link rot, where developers moving between jobs or email providers fail to update account information across all platforms, creating exploitable security gaps. Pope stated that Canonical needs to address the issue by implementing safeguards, which could be monitoring domain expiry on publisher accounts, requiring additional verification for dormant accounts, implementing mandatory two-factor authentication, or other measures. If you're reading this, you’re already ahead. Stay there with our newsletter .

21 Jan 2026, 14:08

Bhutan Bets on Sei Validator in Q1 2026 as Tokenization Talks Open

The Kingdom of Bhutan and the Sei Development Foundation announced a strategic partnership to deploy a Sei Network validator in Bhutan, with plans to go live in the first quarter of 2026. The deal aims to strengthen the nation’s blockchain infrastructure and explore tokenization of assets and economic use cases tied to digital transformation efforts. Bhutan’s sovereign wealth fund, Druk Holding and Investments Ltd. (DHI), through its InnoTech division, will lead the validator rollout. The initiative will build national capacity to support blockchain infrastructure and contribute to emerging digital financial services. Sapien Capital, an investment vehicle focused on science and innovation, is backing parts of the deployment. Officials from both sides said the collaboration reflects Bhutan’s growing interest in advanced technology to support national priorities. They said it will create new pathways for data valuation, scientific advancement, payments systems, and asset tokenization — a process that could allow real-world assets to be represented and traded on blockchain networks. National Blockchain Infrastructure and Digital Strategy Bhutan is positioning itself as a leader in blockchain and digital asset infrastructure in Asia. The validator project comes amid broader efforts to modernize government technology and support innovative financial frameworks. Bhutan has already used blockchain in national projects, including its digital identity system, which aims to give citizens secure control over personal data and verification processes. The validator will serve as part of the backbone for the Sei Network, a layer-1 blockchain designed for high-speed and low-cost transactions. In practice, validators verify transactions and secure the network. By hosting a national validator, Bhutan gains direct participation in blockchain operations while potentially enabling domestic digital services that rely on decentralized systems. Officials from DHI said that the partnership aligns with Bhutan’s long-term vision of technological self-reliance. They highlighted the importance of building expertise within the country and expanding opportunities in financial technology and digital commerce. Historical Context and Broader Innovation Bhutan’s embrace of blockchain is part of a wider digital strategy that predates the Sei partnership. The country has pursued blockchain-based identity systems and explored “internetless” blockchain experiments to overcome connectivity challenges in its mountainous terrain. Bhutan also has a history of integrating digital assets into national initiatives. For example, local authorities have advanced blockchain components in identity verification and financial systems, while recent projects have included partnerships with global technology firms to test decentralized systems in challenging environments. Analysts say Bhutan’s approach reflects a larger trend of governments adopting blockchain beyond cryptocurrency speculation, focusing instead on secure data platforms, digital services and tokenized economic models that can support broader economic goals. The validator project marks a key step in Bhutan’s ongoing innovations and could influence other nations considering sovereign participation in decentralized infrastructure.

21 Jan 2026, 13:25

Solana Policy Institute Demands Critical Legal Protections for Developers Amid Regulatory Storm

BitcoinWorld Solana Policy Institute Demands Critical Legal Protections for Developers Amid Regulatory Storm In a significant policy intervention this week, the Solana Policy Institute issued a stark warning about the future of technological innovation in the United States. The non-profit organization is urgently calling for stronger legal safeguards for software developers, framing the issue as a fundamental choice between fostering innovation and driving talent overseas. This call to action follows the high-profile conviction of Tornado Cash developer Roman Storm, a case the institute describes not as an isolated event but as a crucial precedent. The institute’s position highlights a growing tension within the U.S. regulatory landscape, where the principles of open-source development increasingly clash with stringent financial crime enforcement. Consequently, the debate now centers on whether developers can be held liable for how others utilize their publicly available code. Solana Policy Institute Advocates for Developer Legal Protections The Solana Policy Institute, established to research and advocate for sensible blockchain governance, has positioned itself at the forefront of a critical digital rights discussion. The organization argues that current legal frameworks inadequately protect software creators, especially those working on decentralized and open-source projects. Furthermore, the institute contends that without clear safe harbors, developers face unacceptable legal risks that stifle creativity and technological progress. This advocacy comes at a pivotal moment, as jurisdictions worldwide grapple with applying existing laws to novel Web3 technologies. The institute’s report, citing legal scholars and historical tech policy, suggests that ambiguous liability standards could cause a “brain drain” from the American tech sector. Therefore, their recommendations aim to balance necessary law enforcement with the protection of legitimate software innovation. The Roman Storm Case: A Defining Legal Precedent The institute’s advocacy directly references the landmark case against Roman Storm. In August 2023, the U.S. Department of Justice indicted Storm on serious charges, including conspiracy to commit money laundering and operating an unlicensed money transmitter. Prosecutors alleged that Storm, as a co-developer of the Tornado Cash privacy tool, willfully facilitated criminal activity. However, the defense and many in the tech community argued that Storm merely published open-source code, which is a protected activity under the First Amendment. A jury ultimately convicted Storm, sending shockwaves through the global developer community. This verdict established a precedent that developers can be held criminally liable for third-party misuse of their tools. The Solana Policy Institute emphasizes that this case exemplifies the precise legal vulnerability their proposed protections seek to address. Analyzing the Broader Impact on Software Innovation The implications of the Storm verdict extend far beyond a single developer or protocol. Legal experts warn that the ruling creates a chilling effect on open-source development, particularly for financial privacy and blockchain tools. Developers may now hesitate to work on projects that could be misused, even if their primary purpose is legitimate. This hesitation could slow innovation in critical areas like zero-knowledge proofs, decentralized finance, and secure communication protocols. Moreover, the uncertainty pushes startups to incorporate in jurisdictions with more favorable digital asset laws. The Solana Policy Institute’s analysis includes a comparative table of international approaches: Jurisdiction Approach to Developer Liability Notable Legislation/Policy United States Aggressive prosecution based on tool misuse Bank Secrecy Act, Money Transmitter Laws European Union Risk-based, focused on entity control (MiCA) Markets in Crypto-Assets Regulation Switzerland Distinction between code publication and service operation Fintech licensing sandbox Singapore Guidance-based, emphasizing intent and governance Payment Services Act This global patchwork creates complexity for developers working on international projects. The institute’s call for stronger protections is therefore also a call for legal clarity and predictability. Historical Context and Expert Perspectives This debate echoes earlier technological battles. In the 1990s, the U.S. government treated strong encryption software as a munition, restricting its export. However, courts and policymakers eventually recognized that code was speech, leading to more nuanced regulations. Similarly, the early internet faced liability questions regarding platform content, which Congress addressed with Section 230 of the Communications Decency Act . This provision granted immunity to platforms for user-generated content, a protection credited with enabling the growth of the modern web. The Solana Policy Institute suggests that a similar, tailored safe harbor is needed for public good software development. Legal scholars like Professor Angela Walch of St. Mary’s University School of Law have noted the difficulty of applying old financial laws to new technological paradigms. She argues that regulation must distinguish between the act of creating software and the act of operating a financial service. The institute’s proposal aligns with this expert view, advocating for liability shields when developers do not control or profit directly from specific illicit transactions. Proposed Framework for Developer Safeguards The Solana Policy Institute does not merely identify a problem; it proposes a concrete framework for change. Their recommendations, aimed at legislators and regulators, include several key pillars: Clear Safe Harbor Provisions: Establish legal protections for developers of open-source software who publish code for legitimate purposes, absent evidence of direct intent to facilitate crime. Intent-Based Prosecution: Require prosecutors to demonstrate specific criminal intent, moving away from strict liability based on potential misuse. Regulatory Sandboxes: Create formal environments where developers can build and test novel financial tools under temporary regulatory relief and supervision. Public Interest Defense: Allow developers to argue that their software provides a net public benefit, such as enhancing financial privacy or security. Technical Advisory Bodies: Involve expert technologists in the regulatory process to accurately assess the capabilities and limitations of software tools. This framework seeks to protect good-faith innovation while preserving the government’s ability to prosecute bad actors who intentionally build tools for criminal enterprise. The Stakes for U.S. Technological Leadership The ultimate stakes, as framed by the institute, are national competitiveness. The United States has long been the global leader in software innovation, attracting top talent and venture capital. However, the current legal uncertainty threatens this position. Developers and entrepreneurs may choose to launch projects in more legally predictable environments like the EU or Singapore. This shift could deprive the U.S. economy of future technological breakthroughs and high-skilled jobs. The blockchain sector, in particular, represents a frontier of computing with applications across finance, supply chain, and digital identity. Losing leadership in this space could have long-term strategic consequences. The institute’s report concludes that proactive, sensible policy is not just about protecting developers—it is about securing America’s innovative future. Conclusion The Solana Policy Institute’s call for stronger legal protections for developers marks a critical moment in the evolution of technology policy. The case of Roman Storm has crystallized a profound legal risk facing software innovators, particularly in the blockchain domain. As the institute argues, the United States now faces a clear choice: it can update its legal frameworks to safeguard good-faith innovation, or it can risk ceding its technological leadership through overbroad liability standards. The proposed safeguards—emphasizing intent, safe harbors, and expert guidance—offer a path forward that balances innovation with security. The outcome of this debate will undoubtedly shape not only the future of blockchain but the broader landscape of software development for years to come. FAQs Q1: What is the Solana Policy Institute? The Solana Policy Institute is a non-profit research and advocacy organization focused on developing sensible, innovation-friendly public policy for blockchain and digital asset technologies. It engages with lawmakers, regulators, and the public to promote balanced governance. Q2: Why is the Roman Storm case so important to this debate? The Roman Storm case is pivotal because it resulted in the criminal conviction of a developer for publishing open-source code. It set a legal precedent that developers can be held liable for how unknown third parties misuse their software, creating significant uncertainty for the entire open-source community. Q3: What specific legal protections is the institute proposing? The institute advocates for several measures, including clear safe harbor laws for open-source development, a requirement for prosecutors to prove specific criminal intent, the creation of regulatory sandboxes for testing new tools, and the establishment of a “public interest” defense for beneficial software. Q4: How does this issue affect developers who aren’t working in cryptocurrency? While the immediate cases involve blockchain, the legal principles at stake apply to all software development. Tools for encryption, networking, and data privacy could also face similar liability challenges if used for illicit purposes, potentially chilling innovation across the tech sector. Q5: Are other countries facing similar debates? Yes, jurisdictions worldwide are grappling with these questions. The European Union’s MiCA regulation takes a different approach, focusing liability on the entities that control a protocol, not necessarily the original developers. This international divergence adds complexity to global software projects. This post Solana Policy Institute Demands Critical Legal Protections for Developers Amid Regulatory Storm first appeared on BitcoinWorld .

21 Jan 2026, 13:22

Blockchain technology can accelerate global GDP growth, Citizens says

The bank said the technology is shifting from experimentation to real-world deployment, with implications for capital markets, governments and global GDP.

21 Jan 2026, 13:18

Chinese stocks surge on tech push while global markets tumble

Chinese stocks climbed higher on Wednesday even as markets worldwide pulled back, with investors focusing on the government’s increased efforts toward technology independence despite growing concerns about international tensions. Like the Nasdaq, the STAR 50 Index saw its largest rise in a week at its apex, rising 4.3 percent. By mid-afternoon, the CSI 300, which measures mainland equities more generally, had gained 0.5%. Global markets decline amid trade tensions This performance stood in sharp contrast to other markets. Asian stocks overall fell 0.8 percent, while the S&P 500 posted its worst decline since October after US President Donald Trump threatened tariffs against European countries that turned down his offer to buy Greenland. What lifted the world’s second-biggest stock market was a new commitment from Chinese officials to speed up development of domestic artificial intelligence and push for advances in technology. Over the past year, Chinese markets have held up better than expected, helped by surprisingly robust exports and government backing for cutting-edge manufacturing and technology sectors, which have softened the impact of tariff disputes. Chip stocks lead the rally Chip companies saw particularly strong gains throughout Asia as memory prices increased, but the jumps were especially notable in China. Loongson Technology Corp shot up 20 percent, while Hygon Information Technology Co rose 17 percent. Steven Tseng, senior analyst at Bloomberg Intelligence, noted the chip stock strength appeared widespread rather than just tied to memory price increases. He suggested it likely related to China’s focus on becoming self-sufficient in chip production. Earlier this month, mainland Chinese stocks hit their highest point in four years before authorities stepped in with measures like tighter margin financing rules to cool the rally. Chen Shi, fund manager at Shanghai Jade Stone Investment Management Co, expects stocks to keep climbing due to limited investment options domestically, predicting more days ahead where China beats global markets . Want your project in front of crypto’s top minds? Feature it in our next industry report, where data meets impact.