Although I use these commands per google, I still couldn’t really wrap my head around how this command works as a pleb. Like – how does it know to grab the right version? How does it know it’s the official version and what would stop someone from potentially a malicious version in one of the ways you can typo the name of the application?
Each distro of Linux has hard coded site addresses called Repositories which have the legal genuine software.
A apt-get install xxxxx command in Linux Mint and Ubuntu will normally address different repositories even though the package being installed is the same.
Apps in repositories are managed by various Linux development groups and it is not possible for just anyone to load malware in those sites.