PANews reported on January 21 that, according to 23pds, Chief Information Security Officer of SlowMist, a new type of "domain resurrection attack" has recently emerged on the Linux platform Snap Store. Hackers take over expired developer domains and update legitimate applications through official channels, disguising them as wallets such as Exodus, Ledger Live, and Trust Wallet to trick users into entering mnemonic phrases, thereby stealing encrypted assets. It has been confirmed that storewise.tech and vacuumentertainment.com have been hijacked. This attack abuses the Snap mechanism, implanting malicious code into previously trusted software without the user's knowledge.