{"id":3277,"date":"2025-10-18T16:52:03","date_gmt":"2025-10-18T16:52:03","guid":{"rendered":"http:\/\/ft365.org\/index.php\/2025\/10\/18\/lastpass-warns-customers-it-has-not-been-hacked-amid-phishing-email-scam\/"},"modified":"2025-10-18T16:52:03","modified_gmt":"2025-10-18T16:52:03","slug":"lastpass-warns-customers-it-has-not-been-hacked-amid-phishing-email-scam","status":"publish","type":"post","link":"https:\/\/ft365.org\/index.php\/2025\/10\/18\/lastpass-warns-customers-it-has-not-been-hacked-amid-phishing-email-scam\/","title":{"rendered":"LastPass Warns Customers It Has Not Been Hacked Amid Phishing Email Scam"},"content":{"rendered":"<div id=\"cphContent_pnlArticleBody\">\n<div id=\"layout-b10180e5-64dd-4beb-be99-6054f5858528\" data-layout-id=\"2\" data-edit-folder-name=\"text\" data-index=\"0\">\n<p>Password manager LastPass has warned customers that is has \u201cNOT been hacked\u201d after it identified a phishing campaign leveraging the firm\u2019s branding.<\/p>\n<p>The phishing emails used the subject line \u201c<em>We Have Been Hacked &#8211; Update Your LastPass Desktop App to Maintain Vault Security\u201d <\/em>and was sent from the email addresses hello@lastpasspulse[.]blog or hello@lastpassgazette[.]blog.<\/p>\n<p>\u201cThis is an attempt on the part of a malicious actor to draw attention and generate urgency in the mind of the recipient, a common tactic for social engineering and phishing emails,\u201d the firm said in a blog post. \u00a0<\/p>\n<\/p><\/div>\n<figure id=\"layout-363fcd70-bc9f-44d8-b698-56ed65a0b010\" data-layout-id=\"4\" data-edit-folder-name=\"image\" data-index=\"1\"><img decoding=\"async\" src=\"http:\/\/ft365.org\/wp-content\/uploads\/2025\/10\/localimages\/1430b4e5-7a58-464e-8e78-43bc248a1fa4.png\" alt=\"Source: LastPass\"><figcaption>Source: LastPass<\/figcaption><\/figure>\n<div id=\"layout-0b743bcc-fcd7-4808-8808-9b1b8c2b38e8\" data-layout-id=\"2\" data-edit-folder-name=\"text\" data-index=\"2\">\n<p>The link in the email purports to take potential victims to a new desktop app site, which will instead direct victims to a phishing site hosted at lastpassdesktop[.]com or lastpassgazette[.]blog.<\/p>\n<p>Another URL had been registered by the threat actor, (\u201clastpassdesktop[.]app\u201d), which LastPass said could be used in future iterations of this campaign.<\/p>\n<p>It appears that the threat actor has used NiceNIC to host the phishing site.<\/p>\n<p>The security firm said it was working to have the domain taken down as soon as possible and Cloudflare has posted warning pages in front of the site advising visitors that these sites are phishing pages.<\/p>\n<h2><strong>1Password Phishing Scam Threatens to Steal Secret Key <\/strong><\/h2>\n<p>Earlier this month, Malwarebytes reported that a \u201cwell-targeted\u201d phishing campaign saw scammers attempt to get hold of the 1Password credentials belonging to a Malwarebytes\u2019 employee.<\/p>\n<p>Pieter Arntz, a malware intelligence researcher at Malwarebytes Labs, commented in a blog post, \u201cStealing someone\u2019s 1Password login would be like hitting the jackpot for cybercriminals, because they potentially export all the saved logins the target stored in the password manager.\u201d<\/p>\n<p>In September, Brett Christensen, author of the Substack Hoax-Slayer, reported on a phishing campaign purporting to be from 1Password warning customers that their account had been compromised and urging users to rest passwords via a malicious link.<\/p>\n<p>The malicious web page also encouraged users to share their secret key.<\/p>\n<p>1Password secret keys allow access to a user\u2019s password vault, which could provide a trove of information to cybercriminals.<\/p>\n<\/p><\/div>\n<\/p><\/div>\n","protected":false},"excerpt":{"rendered":"<p>Password manager LastPass has warned customers that is has \u201cNOT been hacked\u201d after it identified a phishing campaign leveraging the firm\u2019s branding. The phishing emails used the subject line \u201cWe Have Been Hacked &#8211; Update Your LastPass Desktop App to Maintain Vault Security\u201d and was sent from the email addresses hello@lastpasspulse[.]blog or hello@lastpassgazette[.]blog. \u201cThis is<\/p>\n","protected":false},"author":2,"featured_media":3278,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-3277","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-uncategorized"],"featured_image_urls":{"full":["https:\/\/ft365.org\/wp-content\/uploads\/2025\/10\/3277-8b80cdf3-7957-45dd-8de5-d35ba3bb6e89.jpg",300,300,false],"thumbnail":["https:\/\/ft365.org\/wp-content\/uploads\/2025\/10\/3277-8b80cdf3-7957-45dd-8de5-d35ba3bb6e89-150x150.jpg",150,150,true],"medium":["https:\/\/ft365.org\/wp-content\/uploads\/2025\/10\/3277-8b80cdf3-7957-45dd-8de5-d35ba3bb6e89.jpg",300,300,false],"medium_large":["https:\/\/ft365.org\/wp-content\/uploads\/2025\/10\/3277-8b80cdf3-7957-45dd-8de5-d35ba3bb6e89.jpg",300,300,false],"large":["https:\/\/ft365.org\/wp-content\/uploads\/2025\/10\/3277-8b80cdf3-7957-45dd-8de5-d35ba3bb6e89.jpg",300,300,false],"1536x1536":["https:\/\/ft365.org\/wp-content\/uploads\/2025\/10\/3277-8b80cdf3-7957-45dd-8de5-d35ba3bb6e89.jpg",300,300,false],"2048x2048":["https:\/\/ft365.org\/wp-content\/uploads\/2025\/10\/3277-8b80cdf3-7957-45dd-8de5-d35ba3bb6e89.jpg",300,300,false],"morenews-featured":["https:\/\/ft365.org\/wp-content\/uploads\/2025\/10\/3277-8b80cdf3-7957-45dd-8de5-d35ba3bb6e89.jpg",300,300,false],"morenews-large":["https:\/\/ft365.org\/wp-content\/uploads\/2025\/10\/3277-8b80cdf3-7957-45dd-8de5-d35ba3bb6e89.jpg",300,300,false],"morenews-medium":["https:\/\/ft365.org\/wp-content\/uploads\/2025\/10\/3277-8b80cdf3-7957-45dd-8de5-d35ba3bb6e89.jpg",300,300,false],"crawlomatic_preview_image":["https:\/\/ft365.org\/wp-content\/uploads\/2025\/10\/3277-8b80cdf3-7957-45dd-8de5-d35ba3bb6e89-146x146.jpg",146,146,true]},"author_info":{"display_name":"henry","author_link":"https:\/\/ft365.org\/index.php\/author\/henry\/"},"category_info":"<a href=\"https:\/\/ft365.org\/index.php\/category\/uncategorized\/\" rel=\"category tag\">Uncategorized<\/a>","tag_info":"Uncategorized","comment_count":"0","_links":{"self":[{"href":"https:\/\/ft365.org\/index.php\/wp-json\/wp\/v2\/posts\/3277","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ft365.org\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ft365.org\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ft365.org\/index.php\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/ft365.org\/index.php\/wp-json\/wp\/v2\/comments?post=3277"}],"version-history":[{"count":0,"href":"https:\/\/ft365.org\/index.php\/wp-json\/wp\/v2\/posts\/3277\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/ft365.org\/index.php\/wp-json\/wp\/v2\/media\/3278"}],"wp:attachment":[{"href":"https:\/\/ft365.org\/index.php\/wp-json\/wp\/v2\/media?parent=3277"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ft365.org\/index.php\/wp-json\/wp\/v2\/categories?post=3277"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ft365.org\/index.php\/wp-json\/wp\/v2\/tags?post=3277"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}