This week, popular password management app LastPass issued a security warning; a fake app with a similar logo and name was live on the Apple Store. Aside from collecting user information and acting as a data decoy,“The LassPass Password Manger” was poised to take cash. The fraudulent app offered a range of premium subscriptions, listing Parvati Patel as its developer. In their announcement, LastPass made it clear that it did not want current or future users to be confused, and risk losing personal data. The company has showcased screenshots (below) and correct app links; comparing the look and feel of their product to the fake app.
Photo Credit: LastPass x GGD News
Although exact details could not be confirmed, users who downloaded “LassPass” compromise their security by providing developers with anything from login info (for other platforms) to credit card and financial data. As Apple gears up to support alternative marketplaces (through its App Store Connect) in the European Union, many are wondering how “LassPass” was able to make it past the review process and get approved for the App Store in the first place.
Shortly after LastPass issued their warning, Apple removed the clone app from its Store. The developer has also been banned from the Apple Developer Program and will not be able to submit apps in the future.