LastPass has warned about a fake app mimicking its software on the Apple App Store, urging customers seeking to download their favorite password management client to be cautious.
LastPass by LogMeIn is a widely used password management service that securely stores and manages users’ passwords and login information. It’s designed to help individuals and businesses generate strong passwords, securely store them in an encrypted vault, and effortlessly fill in passwords and personal information when logging into websites and online services.
Recently, the service learned about an impostor version of its application that was uploaded to the Apple App Store, the official marketplace for iPhone and iPad users. This counterfeit app mirrors the official one in name, employs a similar icon, and showcases relevant features on the screenshots it uses on the App Store to give an overall authentic character to its entry.
“LastPass would like to alert our customers to a fraudulent app attempting to impersonate our LastPass app on the Apple App Store,” reads the alert.
“The app attempts to copy our branding and user interface, though close examination of the posted screenshots reveal misspellings and other indicators the app is fraudulent.”
Apart from the above signs of fraud, the app lists’ Parvati Patel’ as its publisher and shows a stark difference in credibility compared to the real app, evidenced by user reviews present on the App Store page, unanimously calling out the app as a phishing tool.
LastPass says it is actively working to get this app down as soon as possible, but at the time of writing, the fraudulent app is available on the App Store. Hence, the risk of people installing it and giving away their sensitive data remains.
The appearance of a blatant copy of a renowned password manager on the Apple App Store, an entity known for its rigorous security and content standards, represents an uncommon lapse for Apple. The firm’s meticulous vetting and approval process might inadvertently lend credibility to such a fraudulent app, leading many iOS users to trust it because it has been listed on the App Store.
This case should act as a good reminder that risks always lurk even in the most well-scrutinized and safeguarded platforms, and users should always practice due diligence before installing an app on their devices.