CarderPlanet
Professional
This time, the company is fighting phishing attacks. Is this related to previous incidents?
On September 13, 2023, customers of LastPass, a popular password manager, began reporting that they almost fell victim to fraudsters. Several companies and 87 employees of the company itself were targeted.
LastPass acknowledged that it is probably not dealing with targeted attacks by intruders, but with a large phishing campaign .
First, the victims received emails from the address [email protected] [.]th. In the message body, you could find a link to a fake page hosted on the customer-lastpass[.]su subdomain.
Despite their persuasiveness, the emails contained the classic signs of fraudulent content: demanding personal information and pressuring the victim to speed up the process. More attentive users might have noticed that the sender's address was registered in Thailand, which means that it was unlikely to be related to LastPass.
The text of the email reads:
"Attention: Your contact details are outdated. You need to update them to retain full access to your LastPass account. <…>
To avoid deactivating your account functions, please log in by September 26, 2023 and confirm your information."
After assessing the scale of the threat, the LastPass team immediately turned to experts from Fortra's PhishLabs. In an official statement, the company emphasizes: "We started blocking these suspicious domains as soon as we received the first alarm signals from customers."
The attackers did not stop there. On September 19, they registered a similar phishing domain and launched a second wave of attacks. However, several malicious subdomains were still eliminated within 16 hours.
After a series of incidents, public opinion about LastPass was seriously shaken. Recently, experts accused the company of leaking cryptoassets of more than 150 people (after a series of attacks in 2022). At that time, the problem was related to the unreliable protection of secret phrase archives. Specialists have not been able to completely eliminate the consequences for about a year.
Probably, this time the attackers realized that it would be much more convenient if customers provided their credentials themselves.
Judging by the fact that news about suspicious activity continues to appear around the service, customers should be on their guard. Time will tell if LastPass will be able to eliminate all possible threats.
On September 13, 2023, customers of LastPass, a popular password manager, began reporting that they almost fell victim to fraudsters. Several companies and 87 employees of the company itself were targeted.
LastPass acknowledged that it is probably not dealing with targeted attacks by intruders, but with a large phishing campaign .
First, the victims received emails from the address [email protected] [.]th. In the message body, you could find a link to a fake page hosted on the customer-lastpass[.]su subdomain.
Despite their persuasiveness, the emails contained the classic signs of fraudulent content: demanding personal information and pressuring the victim to speed up the process. More attentive users might have noticed that the sender's address was registered in Thailand, which means that it was unlikely to be related to LastPass.
The text of the email reads:
"Attention: Your contact details are outdated. You need to update them to retain full access to your LastPass account. <…>
To avoid deactivating your account functions, please log in by September 26, 2023 and confirm your information."
After assessing the scale of the threat, the LastPass team immediately turned to experts from Fortra's PhishLabs. In an official statement, the company emphasizes: "We started blocking these suspicious domains as soon as we received the first alarm signals from customers."
The attackers did not stop there. On September 19, they registered a similar phishing domain and launched a second wave of attacks. However, several malicious subdomains were still eliminated within 16 hours.
After a series of incidents, public opinion about LastPass was seriously shaken. Recently, experts accused the company of leaking cryptoassets of more than 150 people (after a series of attacks in 2022). At that time, the problem was related to the unreliable protection of secret phrase archives. Specialists have not been able to completely eliminate the consequences for about a year.
Probably, this time the attackers realized that it would be much more convenient if customers provided their credentials themselves.
Judging by the fact that news about suspicious activity continues to appear around the service, customers should be on their guard. Time will tell if LastPass will be able to eliminate all possible threats.
