LastPass

LastPass is warning that a fake copy of its app is being distributed on the Apple App Store, likely used as a phishing app to steal users' credentials.

The fake app uses a similar name to the genuine app, a similar icon, and a red-themed interface made to appear close to the brand's authentic design.

However, the fake app's name is 'LassPass,' instead of 'LastPass,' and it has a publisher of 'Parvati Patel.' 

In addition, there's only a single rating (the real app has over 52 thousand), with only four reviews that warn about it being fake.

Fake LastPass app on the App Store
Fake LastPass app on the App Store
Source: BleepingComputer

As LastPass is used to store very sensitive information, such as authentication secrets and credentials (username/email and password), the app was likely created to act as a phishing app and steal credentials.

BleepingComputer has not tested the app, so we are not familiar with its inner workings, potential phishing process, or any other details about its functionality.

The real LastPass warned about the existence of the clone app via an alert on its website to raise customers' attention to the risk of data loss.

"We have included the URL for the fraudulent app as well as the link to our legitimate app so that customers can verify they are downloading the correct LastPass application for themselves until the fraudulent app is taken down," reads LastPass' alert.

"Rest assured, LastPass is actively working to get this application taken down as soon as possible and will continue to monitor for fraudulent clones of our applications and/or infringements upon our intellectual property."

The inclusion of such an obviously fraudulent app on the Apple App Store is a very rare case, thanks to the company's stringent app review process, which ensures that software in the App Store meets high standards for privacy, security, and content.

This process includes automated checks and manual review by Apple's team to ensure adherence to a detailed set of guidelines that developers must follow. Yet, somehow, this LastPass clone was accepted.

Also, when Apple becomes aware of an app that violates its guidelines, it typically acts quickly to remove it from the App Store and ban the developer. However, the fake LastPass remains available on the Apple App Store at the time of this story's publication.

The same developer has another app on the App Store that seems legitimate, so the possibility of their account having been hijacked by malicious actors cannot be ruled out.

If you have installed the fake LastPass app, you should immediately remove it and change your password at lastpass.com. It is then advised to perform the arduous task of resetting all passwords stored in your LastPass vault to be safe.

BleepingComputer reached out to Apple about the fake LastPass app, but a response was not immediately available.

Update 2/9 - Apple has confirmed to BleepingComputer that the fraudulent LastPass app has now been removed from the App Store for violating their guideline on copycat apps. Also, the app's developer has been removed from the Apple Developer Program.

The Apple spokesperson also noted that the company has a content dispute process in place for developers who believe another project violates their intellectual property rights, confirming that they received a trademark dispute from LastPass regarding the copycat app.

Related Articles:

Fraudsters tried to scam Apple out of 5,000 iPhones worth over $3 million

CISA warns of patched iPhone kernel bug now exploited in attacks

iPhone apps abuse iOS push notifications to collect user data

Apple fixes first zero-day bug exploited in attacks this year

iShutdown scripts can help detect iOS spyware on your iPhone