This "Linux App Store" is a fake

A fake 'Linux App Store' called Lindto Prime is impersonating a legitimate open-source project (Lindto) through SEO manipulation on Bing and DuckDuckGo. The fake site, likely AI-generated, redirects users to a Soviet Union (.su) domain and delivers a Windows info-stealing payload that launches Chrome in debug mode to steal cookies and browser data, exfiltrating it to a DigitalOcean host. The same campaign impersonates multiple other open-source projects using similar tactics, including password-protected zips to evade antivirus and fake VirusTotal endorsements. Users are warned not to trust high search rankings as a signal of legitimacy.