Snap Store is under domain hijacking attack, wallet application is tampered with and encrypted assets are stolen

23pds, Chief Information Security Officer of SlowMist, revealed that the Linux platform Snap Store recently experienced a "domain resurrection attack". Hackers took over expired developer domains and updated legitimate applications through official channels, disguising them as wallets such as Exodus, Ledger Live, Trust Wallet, etc., inducing users to enter mnemonics to steal encrypted assets. It has been confirmed that the storewise.tech and vagueentertainment.com domains have been hijacked. This attack exploits the Snap mechanism vulnerability, allowing the original trusted software to be implanted with malicious code without the user's knowledge.