Published on: February 13, 2024
LastPass has issued an alert about a phony imitation of its app on the Apple App Store, which may have been potentially designed as a phishing tool to compromise users’ login information.
The fraudulent app has a similar icon to the real LastPass app, features a red-themed user interface designed to mimic the brand’s original aesthetic, and credits “Parvati Patel” as its publisher.
The biggest giveaway, however, is the name “LassPass,” which is a slight deviation from the original “LastPass.”
What’s more, it has only a couple of ratings, a stark contrast to the legitimate app’s 52,000+ reviews— some of the comments even warn potential users about its fraudulent nature.
Given that LastPass serves as a vault for highly confidential data, including authentication codes and credentials (usernames/emails and passwords), the creation of this app appears to be a phishing attempt aimed at pilfering such information.
The authentic LastPass issued an alert on its website.
“The app attempts to copy our branding and user interface,” LastPass said in a statement, adding that “close examination of the posted screenshots reveal misspellings and other indicators the app is fraudulent.”
“We are raising this to our customers’ attention to avoid potential confusion and/or loss of personal data. For clarification, below we have included the URL for the fraudulent app as well as the link to our legitimate app so that customers can verify they are downloading the correct LastPass application for themselves until the fraudulent app is taken down,” the statement continues.
“Rest assured, LastPass is actively working to get this application taken down as soon as possible, and will continue to monitor for fraudulent clones of our applications and/or infringements upon our intellectual property,” LastPass concludes.
Apple has confirmed that it’s taken down the fake app from the App Store for violating their guideline on copycat apps. Also, the app’s developer has been removed from the Apple Developer Program.