Well-liked password administration app LastPass is warning clients a few fraudulent app that makes use of the same identify and icon to aim to trick LastPass clients into utilizing the pretend app as a substitute of the true app (through Bleeping Laptop).
The “LassPass Password Supervisor” app was someway permitted by Apple’s App Retailer overview workforce, despite the fact that it seems to obviously mimic the LastPass app. It does not use precisely the identical icon and the identify is a letter off, however the similarities may confuse some LastPass customers.
It’s unclear if the pretend LassPass app is trying to steal login data from customers, nevertheless it does have choices for including passwords, electronic mail accounts, addresses, financial institution accounts, bank cards, debit playing cards, and extra. It does not ask for a LastPass login of any sort, however it’s attainable that the developer can see data added to the app.
There may be additionally a “PRO” improve that prices $1.99 monthly, $9.99 per yr, or $49.99 for a “lifetime” subscription, so the purpose of the app could also be accumulating subscription cash from clients. Both method, LastPass customers ought to concentrate on the pretend app and may keep away from it. At greatest it’s aiming to steal cash, and at worst, it’s stealing passwords and bank card data.
Clone apps usually make their method into the App Retailer, however the app impersonating LastPass is especially regarding as a result of it may very well be accessing delicate data. It’s not clear how an app mimicking one of the widespread password administration apps was permitted by Apple, and its discovery comes at a important time for the corporate.
Apple has been selling the protection and safety of the App Retailer because it prepares to permit for alternate app marketplaces within the European Union, and permitting a pretend password administration app onto the App Retailer just isn’t a great look.
LastPass says that it’s working to get the clone app faraway from the App Retailer. Although LastPass revealed its alert yesterday, and presumably contacted Apple on the identical time, the app stays within the App Retailer as of now.
Replace 11:00 a.m. Pacific Time: The LassPass app has been faraway from the App Retailer.
