How much will this event hurt the image of the Apple company?
In light of Apple's positioning of its branded App Store as a safe and reliable source of applications, the company faced a serious threat to its image: a fraudulent application disguised as LastPass appeared in the official catalog.
Despite the company's claims about security, the app review process failed to prevent the fake from appearing in the App Store. The app, called LassPass and featuring a logo that strongly resembles the official one, was removed by Apple two days later after LastPass representatives personally contacted the company.
Mike Kosak, a senior analyst at LastPass, also posted a warning to users on the service's official blog, attaching screenshots and links to both the fraudulent app and the legitimate one.
It is noteworthy that the company did not delete another potentially dangerous application from the same developer, Parvati Patel, although the author clearly violated the store's rules by uploading a blatant fake.
The fake LastPass app prompted users to enter personal information, including passwords and bank card details, and also offered paid subscriptions. However, it was not determined whether the app collected LastPass account data or copied stored data.
Thomas Reed of Malwarebytes noted that the page with the fake privacy policy was unavailable, and the domain specified for this page was registered only five months ago. This highlights the importance of thoroughly checking apps before downloading them.
The incident with the fake LastPass app raises serious questions about the verification processes and security policies in the App Store, as well as the measures that Apple takes to protect its users from fraudulent applications.
In light of Apple's positioning of its branded App Store as a safe and reliable source of applications, the company faced a serious threat to its image: a fraudulent application disguised as LastPass appeared in the official catalog.
Despite the company's claims about security, the app review process failed to prevent the fake from appearing in the App Store. The app, called LassPass and featuring a logo that strongly resembles the official one, was removed by Apple two days later after LastPass representatives personally contacted the company.
Mike Kosak, a senior analyst at LastPass, also posted a warning to users on the service's official blog, attaching screenshots and links to both the fraudulent app and the legitimate one.
It is noteworthy that the company did not delete another potentially dangerous application from the same developer, Parvati Patel, although the author clearly violated the store's rules by uploading a blatant fake.
The fake LastPass app prompted users to enter personal information, including passwords and bank card details, and also offered paid subscriptions. However, it was not determined whether the app collected LastPass account data or copied stored data.
Thomas Reed of Malwarebytes noted that the page with the fake privacy policy was unavailable, and the domain specified for this page was registered only five months ago. This highlights the importance of thoroughly checking apps before downloading them.
The incident with the fake LastPass app raises serious questions about the verification processes and security policies in the App Store, as well as the measures that Apple takes to protect its users from fraudulent applications.
