Hackers News Hackers News
  • CyberSecurity News
  • Threats
  • Attacks
  • Vulnerabilities
  • Breaches
  • Comparisons

Social Media

Hackers News Hackers News
  • CyberSecurity News
  • Threats
  • Attacks
  • Vulnerabilities
  • Breaches
  • Comparisons
Search the Site
Popular Searches:
technology Amazon AI
Recent Posts
DHS Confirms Breach of HSIN Information Sharing Network
July 2, 2026
ChatGPT Flaw Exposes User Files, Poses System Access Risk
July 2, 2026
Critical Oracle E-Business Suite CVE-2024-21094 exploited, exposing 900+ instances
July 2, 2026
Home/CyberSecurity News/LastPass Warns of Fake Maintenance Message Tracking Users to Steal Master Passwords
CyberSecurity News

LastPass Warns of Fake Maintenance Message Tracking Users to Steal Master Passwords

LastPass has issued a critical security alert regarding an active phishing campaign that began on January 19, 2026. Threat actors are impersonating LastPass support staff, sending fraudulent emails...

Jennifer sherman
Jennifer sherman
January 21, 2026 2 Min Read
33 0

LastPass has issued a critical security alert regarding an active phishing campaign that began on January 19, 2026. Threat actors are impersonating LastPass support staff, sending fraudulent emails that claim urgent vault backup requirements. Their objective is to harvest master passwords from unsuspecting users.

The phishing emails employ social engineering tactics by creating artificial urgency, falsely claiming that LastPass maintenance requires customers to back up their vaults within 24 hours.

LastPass explicitly confirms it never requests customer master passwords or demands immediate vault backups via email.

Fake Maintenance Message
Fake Maintenance Message (Source: Lastpass)

The campaign strategically launched over the U.S. holiday weekend, a deliberate timing choice designed to exploit reduced security staffing and delayed incident response.

Threat actors commonly exploit such windows to maximize the success rate of compromise before detection.

The phishing infrastructure consists of two primary components: an initial redirect hosted on compromised AWS S3 infrastructure and a spoofed domain designed to mimic legitimate LastPass services.

Users should immediately delete any emails claiming to require LastPass maintenance.

LastPass confirms that Legitimate communications never request master passwords, vault backups, or urgent action via unsolicited emails.

Organizations should implement email security controls to block messages from the identified sender addresses and educate staff on phishing indicators, including artificially urgent language and requests for sensitive credentials.

LastPass is coordinating with third-party partners to take down the malicious infrastructure. Users who received these emails are encouraged to report them directly to [email protected] for analysis and tracking.

Disclaimer: HackersRadar reports on cybersecurity threats and incidents for informational and awareness purposes only. We do not engage in hacking activities, data exfiltration, or the hosting or distribution of stolen or leaked information. All content is based on publicly available sources.

Tags:

ExploitphishingSecurityThreat

Share Article

Jennifer sherman

Jennifer sherman

Jennifer is a cybersecurity news reporter covering data breaches, ransomware campaigns, and dark web markets. With a background in incident response, Jennifer provides unique insights into how organizations respond to cyber attacks and the evolving tactics of threat actors. Her reporting has covered major breaches affecting millions of users and has helped organizations understand emerging threats. Jennifer combines technical knowledge with investigative journalism to deliver in-depth coverage of cybersecurity incidents.

Previous Post

Multiple GitLab Vulnerabilities Enables 2FA Bypass and DoS Attacks

Next Post

New Magecart Attack Inject Malicious JavaScript to Skim Payment Data

No Comment! Be the first one.

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Popular Posts
Opera’s New Paste Protect Blocks Clipboard Attacks, Including ClickFix
July 2, 2026
JADEPUFFER Ransomware Targets Cloud API Keys with Python Payloads
July 2, 2026
ValleyRAT Malware Uses Malicious VLC DLL to Attack Systems
July 2, 2026
Top Authors
Marcus Rodriguez
Marcus Rodriguez
Jennifer sherman
Jennifer sherman
Emy Elsamnoudy
Emy Elsamnoudy
Let's Connect
156k
2.25m
285k

Related Posts

Jennifer sherman
By Jennifer sherman
Threats

GlassWorm Attacks macOS via Malicious VS Code…

January 1, 2026
Emy Elsamnoudy
By Emy Elsamnoudy
Attacks

ClickFix Attack Hides Malicious Code via Stegan Security

January 1, 2026
Sarah simpson
By Sarah simpson
Vulnerabilities

MongoBleed Detector Tool Released to Detect MongoDB Vulnerability(CVE-2025-14847)

January 1, 2026
Emy Elsamnoudy
By Emy Elsamnoudy
Breaches

Conti Ransomware Gang Leaders & Infrastructure Exposed

January 1, 2026
Hackers News Hackers News
  • [email protected]

Quick Links

  • Contact Us
  • Privacy Policy
  • Terms of service

Categories

Attacks
Breaches
Comparisons
CyberSecurity News
Threats
Vulnerabilities

Let's keep in touch

receive fresh updates and breaking cyber news every day and week!

All Rights Reserved by HackersRadar ©2026

Follow Us