LastPass installs malware?
From the lastpass download page, I installed the contents of https:// lastpass.com / download / cdn / lpmacosx.zip (de-urlized, for public safety)
My browsers were all hi-jacked, links taken over - lots of 'searchmadeeasy.com' linking (particularly on stackoverlow.com and viewing stackoverflow.com results in google searches) and http:// macsecurity-alert .com (de-urlized again), which is pretty obviously a malware phishing type site.
I never get caught by these sorts of things, and only downloaded lastpass on the recommendation of colleagues. Only by uninstalling lastpass were the issues addressed.
Anyone else seeing this with recent installs of lastpass? Infuriating that what I thought was a respectable company/product is desperate for cash to hijack browsers.
Edit: do tell me if I'm wrong on anything here, please!
17 comments
[ 3.2 ms ] story [ 52.3 ms ] threadMaybe their cdn got hijacked?
I don't think their product is affected, just what gets installed is <nasty>.
I just downloaded:
0778d4528381917a8beaebfa3c033cc81157439fae01c082e8e7f33b51e37340 lpmacosx.zip
The md5 of our download is 0290ce268f6e57b1ce26bb21748b12eb, it was last updated on Mar 4.
It most likely came from a different source.
Like I said, however - the issues disappeared upon uninstallation of the lastpass browser extension pack for OSX, and it certainly seemed to appear on its installation.
For everyone's sake, let's all hope I was idiotic at some prior point and somehow had a different drive-by install...
The only thing that I can come up with is that I happened across a malicious page that did a drive-by install of some malware that magically disappeared upon browser restart (which both the lastpass installer and uninstaller force in order to get their extensions registered).
At least, that's what I'm hoping, or I've still got malware on my system!