Apple Approving A Fake LastPass App Raises Security Concerns For iPhone

LastPass developer LogMeIn is raising the alarm on its blog after finding an app impersonating the company’s password manager on the Apple App Store. The app is named “LassPass Password Manager” with an individual named Parvati Patel listed as the fake app’s developer. The doppelganger steals the authentic app’s branding and user interface in an attempt to appear legitimate to unsuspecting users. LogMeIn says that “we are raising this to our customers’ attention to avoid potential confusion and/or loss of personal data.”

Unfortunately, it seems as if app developers need to be on the lookout themselves to send takedown notices to Apple and prevent scammers from taking advantage of their branding. LogMeIn says it “is actively working to get this application taken down as soon as possible, and will continue to monitor for fraudulent clones of our applications and/or infringements upon our intellectual property.”


It's surprising that a fraudulent app that is impersonating one as large and well known as LastPass can make its way past App Store reviewers. The entire point of Apple’s walled garden is that it’s supposed to keep users from ever running into this kind of situation. However, the reality is that the App Store review process is clearly not getting the job done.

Failure such as this one do Apple no favors when the company is opening up iOS in Europe as a requirement of the Digital Markets Act. Users can see that they aren’t any safer within the walled garden and also see users in Europe can access apps in different ways. If this continues to occur there will be more and more questions raised about why a similar loosening of rules can’t be applied globally.