From what I read/saw about the apps,

they were all web-app like apps, that gave the (only) possibility to import a wallet and then sent all private data to attacker. Isn't this possible to do within a coffined app in Ubuntu Touch too?