Suspicious LastPass Domain

Published on: January 1, 2023

Redirects to a cloned page with malicious download

We detected a suspicious LastPass-related domain, lastpass[.]shop. It resolves to an unrelated, innocuous food wholesaler site, but it also contains complex redirects to a LastPass clone page at lastpass[.]shop/en/ that offers a probable malicious download.

The suspicious lastpass[.]shop is registered with Namecheap and protected by Cloudflare, whereas the legitimate lastpass[.]com site is registered with Name and hosted on Akamai.

Additionally, the download offered at lastpass[.]shop is a ZIP archive containing multiple files, 10x the size of the official LastPass exe download.
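The three signals above (brand name on an unofficial domain, registrar and hosting that differ from the legitimate site, and a download that differs in format and size) can be checked mechanically during triage. The following is an added example, not code from the original post; the function names, the 5x size threshold, and the sample file name and byte counts are assumptions made for illustration.

```python
BRAND = "lastpass"
# Attributes of the legitimate site as stated in the article.
OFFICIAL = {"domain": "lastpass.com", "registrar": "Name", "hosting": "Akamai",
            "download_ext": ".exe"}
SIZE_RATIO_ALERT = 5.0  # assumed threshold; the article observed roughly 10x


def refang(indicator):
    """Turn a defanged indicator such as lastpass[.]shop/en/ into a bare hostname."""
    text = indicator.strip().lower().replace("[.]", ".").replace("hxxp", "http")
    text = text.split("://", 1)[-1]          # drop the scheme if present
    return text.split("/", 1)[0].split(":", 1)[0].rstrip(".")


def is_official(host):
    """True for the official domain and any of its subdomains."""
    return host == OFFICIAL["domain"] or host.endswith("." + OFFICIAL["domain"])


def triage(obs):
    """Return the mismatches between an observed site and the official one."""
    host = refang(obs["indicator"])
    if is_official(host) or BRAND not in host:
        return []                            # legitimate, or not a brand lookalike
    findings = ["brand name on unofficial domain: " + host]
    for key in ("registrar", "hosting"):
        seen = obs.get(key)
        if seen and seen.lower() != OFFICIAL[key].lower():
            findings.append(f"{key} mismatch: {seen} vs {OFFICIAL[key]}")
    name = obs.get("download_name", "")
    if name and not name.lower().endswith(OFFICIAL["download_ext"]):
        findings.append("download is not an exe: " + name)
    size, ref = obs.get("download_bytes"), obs.get("official_bytes")
    if size and ref and size / ref >= SIZE_RATIO_ALERT:
        findings.append(f"download is {size / ref:.1f}x the official size")
    return findings


# Constructed observation: registrar and hosting come from the article; the file
# name and byte counts are made-up placeholders chosen to give a 10x ratio.
SAMPLE = {"indicator": "lastpass[.]shop/en/", "registrar": "Namecheap",
          "hosting": "Cloudflare", "download_name": "installer.zip",
          "download_bytes": 50_000_000, "official_bytes": 5_000_000}

if __name__ == "__main__":
    for line in triage(SAMPLE):
        print(line)
```

Any single finding is weak on its own; the value is in several independent mismatches lining up on one brand-bearing domain.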
