- Jul 27, 2015
- 5,458
LastPass says a rogue application impersonating its popular password manager made it past Apple's gatekeepers and was listed in the iOS App Store for unsuspecting folks to download and install.
The software maker went public about the fake mobile app on Wednesday, warning that the knockoff "LastPass Password Manager," developed by someone calling themselves Parvati Patel, appeared to be trying to confuse users into running the thing and possibly steal their data or credentials. "Upon seeing the fake 'LassPass' app in the Apple App store, LastPass immediately began a coordinated and multi-faceted approach across our threat intelligence, legal and engineering teams to get the fraudulent app removed," Christofer Hoff, chief secure technology officer for LastPass, told The Register Thursday. "We are in direct contact with representatives from Apple, and they have confirmed receipt of our complaints, and we are working through the process to have the fraudulent app removed," Hoff added.
Cupertino may have been on the case but earlier today the app was still available in the store. El Reg asked Apple why the fake LastPass app was still up, and while we didn't receive a response, the app's URL stopped working and the application disappeared from App Store search results on an iPhone within a few minutes of our email. In other words, it's now gone.
Even with its insistence that opening the App Store to competition would lead to greater threats to user safety, Apple's content rules still aren't completely solid. While we're confident that our readers know well how to spot a fake app from a real one, it's worth reminding everyone how to avoid being tricked into downloading a fake - and this fake LastPass app is rife with examples.
Fake app impersonating LastPass spotted in Apple's App Store
No walled garden can keep out every weed, we suppose
www.theregister.com