News via Reddit (u/Kron4ek).

Oh, snap! Just because some packages are available to install directly from the Ubuntu Software Center doesn't make them safe. This is proved by a recent discovery of malware in some snap packages from the Ubuntu Snaps Store. The report comes from a bug which mentions that the 2048buntu snap package (and other packages by Nicolas) contains a hidden cryptocurrency miner inside.The init script bundled with the snap package used theemail address. I guess that's one way of getting a Ferrari... 🙂.An interesting aspect is that Nicolas used a proprietary license for at least some of his snaps. For example, the 2048buntu snap was submitted as proprietary (the game itself was not developed by Nicolas). The game in question, 2048 , uses a MIT license which permits distributing it as proprietary, without making the source code available, as long as the copyright notices are retained.Side note: 2048buntu was removed from the Ubuntu Snap store but you can check out its page via Google Cache . But we can't see the package contents any more (unless it's on GitHub somewhere but I couldn't find it).Well, the Ubuntu Snap Store allows anyone to upload snap packages, as opposed to packages (deb) available in the official Ubuntu repositories. The reason for this is to provide more easily installable packages to its users.