Security News > 2024 > February > Fake LastPass password manager spotted on Apple’s App Store
LastPass is warning that a fake copy of its app is being distributed on the Apple App Store, likely used as a phishing app to steal users' credentials.
As LastPass is used to store very sensitive information, such as authentication secrets and credentials, the app was likely created to act as a phishing app and steal credentials.
"We have included the URL for the fraudulent app as well as the link to our legitimate app so that customers can verify they are downloading the correct LastPass application for themselves until the fraudulent app is taken down," reads LastPass' alert.
The inclusion of such an obviously fraudulent app on the Apple App Store is a very rare case, thanks to the company's stringent app review process, which ensures that software in the App Store meets high standards for privacy, security, and content.
When Apple becomes aware of an app that violates its guidelines, it typically acts quickly to remove it from the App Store and ban the developer.
The fake LastPass remains available on the Apple App Store at the time of this story's publication.