Scam ChatGPT Apps are Proliferating in the Mac App Store

Scammers are taking advantage of Apple’s App Store, with some flooding the digital market with bogus and buggy ChatGPT apps.

Apple’s App Store is supposed to be a digital marketplace that verifies software before making it available for download to Mac users. While Apple’s policies and checks catch the majority of criminal actors, the proliferation of AI chat apps has exposed individuals who are abusing the system.

Alex Kleber’s weekend report on the “Dark Side of the Mac App Store” outlines the findings of a month-long investigation into a series of apps purporting to offer ChatGPT-style services.

Searching for terms like “OpenAI” and “ChatGPT” brings up several apps with titles and logos identical or highly similar to those of OpenAI, the business behind ChatGPT. They provide the illusion of legitimacy by adopting similar colors, iconography, and OpenAI logos, but they are not formally affiliated with OpenAI.

“Most of these apps are nothing more than cheap knockoffs or outright scams that fail to deliver on their promises,” Kleber says. “These scams not only deceive users but also tarnish the reputation of legitimate developers and stymie the growth of the macOS app ecosystem.”

Such apps have risen to the top of the Mac App Store’s overall list of most-downloaded apps thanks to deceptive marketing tricks and skillfully chosen keywords.

The applications appear to be going through the App Review procedure without incident, but Kleber feels Apple should take a “stricter stance” against them. In certain instances, Kleber found apps approved by the App Review team as recently as Friday that still used the OpenAI emblem and colors.

Many apps, same creator: In other situations, the apps are almost identical, differing just enough from one another to avoid being straight clones.

Pixelsbay developer accounts and ParallelWorld developer accounts were discovered to be operated from the same registered location in Pakistan, with apps sharing 99% of the same code with “slight modifications.” Furthermore, the creators used the same paywall layout for both apps, with no close option to be seen.

“This behavior of not providing a close button to the paywalls is highly unethical and can be considered a scam,” Kleber claims. The users are forced to choose between paying for the service or forcefully quitting the program in order to reclaim control of their device, which is a frustrating scenario for them.

Further investigation suggests that the two applications are connected to Katco, a different business that is also situated in Pakistan and has the same address. Additionally, mentions of an email address suggest that the two applications are related to Katco.

Kleber believes the apps are part of a “larger operation aimed at exploiting the popularity” of AI chatbot apps. “It’s alarming to think that such sophisticated and well-coordinated scams can be perpetuated on the MacOS App Store with little to no oversight,” they added.

Kleber also discovered one user who was using eight distinct developer accounts on the Mac App Store, again to bombard the marketplace with incredibly similar programs.

Scam review tactics: Additionally, it is thought that the apps use abusive methods to get reviews that promote them in the App Store. In the case of the ParallelWorld app, more than 175 reviews were submitted in only 24 hours, including 63 from the US Mac App Store.

In this case, the app demanded reviews from users immediately after subscription and again each time a user submitted an OpenAI request, without giving them a chance to utilize the service beforehand.

This method is in fact forbidden by the App Review Guidelines and the documentation for SKStoreReview.

The scammers’ actions, according to Kleber, create “an unfair and competitive environment for legitimate developers who follow the App Store guidelines, and it goes against the principles of fair competition that Apple strives to uphold.”

“By abusing the system, the individuals were creating confusion and clutter on the App Store, making it difficult for users to identify legitimate apps and eroding the trust that users have in the platform.”

Kleber finds that Apple has a “responsibility” to maintain app standards and a level playing field for all developers.

A continuing problem: Apple’s constant struggle with scam applications is evidenced by the fact that shady apps frequently manage to get past the company’s quality control measures as developers find new ways to game the system.

Con artists were sneaking apps into the App Store in February using a so-called “pig butchering” hoax. As part of a complex long-con deception, the software first appears to reviewers as authentic. However, after it is approved and appears in the App Store, a domain change provides a phony interface.

Apple is doing its part to prevent fraudulent apps from getting through. In 2022, it claimed that security features kept 1.6 million “problematic apps” away from consumers and prevented close to $1.5 billion in potentially fraudulent transactions.