Title: Fake LastPass App Sneaks Past Apple's Review Team Post by: HCK on February 11, 2024, 04:05:06 pm Fake LastPass App Sneaks Past Apple's Review Team
Popular password management app LastPass is warning customers (https://blog.lastpass.com/2024/02/warning-fraudulent-app-impersonating-lastpass-currently-available-in-apple-app-store/) about a fraudulent app that uses a similar name and icon to attempt to trick LastPass customers into using the fake app instead of the real app (via Bleeping Computer (https://www.bleepingcomputer.com/news/security/fake-lastpass-password-manager-spotted-on-apples-app-store/)). (https://images.macrumors.com/article-new/2024/02/lasspass-fake-password-manager-app.jpg) The "LassPass Password Manager" app was somehow approved by Apple's App Store (https://www.macrumors.com/guide/app-store/) review team, even though it appears to clearly mimic the LastPass app. It doesn't use exactly the same icon and the name is a letter off, but the similarities could confuse some LastPass users. It is unclear if the fake LassPass app is attempting to steal login information from users, but it does have options for adding passwords, email accounts, addresses, bank accounts, credit cards, debit cards, and more. It doesn't ask for a LastPass login of any kind, but it is possible that the developer can see information added to the app. There is also a "PRO" upgrade that costs $1.99 per month, $9.99 per year, or $49.99 for a "lifetime" subscription, so the aim of the app may be collecting subscription money from customers. Either way, LastPass users should be aware of the fake app and should avoid it. At best it is aiming to steal money, and at worst, it is stealing passwords and credit card information. Clone apps often make their way into the ‌App Store‌, but the app impersonating LastPass is particularly concerning because it could be accessing sensitive information. It is not clear how an app mimicking one of the most popular password management apps was approved by Apple, and its discovery comes at a critical time for the company. Apple has been promoting the safety and security (https://www.macrumors.com/2024/02/03/phil-schiller-on-risks-of-iphone-app-marketplaces/) of the ‌App Store‌ as it prepares to allow for alternate app marketplaces in the European Union, and allowing a fake password management app onto the ‌App Store‌ is not a good look. LastPass contacted Apple to get the clone app removed from the ‌App Store‌, and it was pulled at around 11:00 a.m. Pacific Time on February 8. Apple removed the fraudulent LassPass app because it violated the ‌App Store‌ rule preventing copycat apps. The developer has also been removed from the Apple Developer Program and won't be able to submit future apps. <div class="linkback">Tags: App Store (https://www.macrumors.com/guide/app-store/), LastPass (https://www.macrumors.com/guide/lastpass/)</div> This article, "Fake LastPass App Sneaks Past Apple's Review Team (https://www.macrumors.com/2024/02/08/fake-lastpass-app-in-apple-app-store/)" first appeared on MacRumors.com (https://www.macrumors.com) Discuss this article (https://forums.macrumors.com/threads/fake-lastpass-app-sneaks-past-apples-review-team.2418924/) in our forums Source: Fake LastPass App Sneaks Past Apple's Review Team (https://www.macrumors.com/2024/02/08/fake-lastpass-app-in-apple-app-store/) |