Lastpass Archive
17 Jan 2016
How to achieve a briliant phishing attack

Sean Cassidy shows how to achieve a briliant phishing attack on Lastpass by combining multiple security holes. This attack is powerfull because the author made a clear roadmap which checks if LastPass is installed, then logging out the user using a known vulnerability in the browser. The author tricks the user to login on the