An expert warned: Mac App Store users are at risk of fraud as scammers continue to find ways to trick the platform into accepting fake apps.
The fake apps, which claim to replace some of the world’s most popular productivity solutions, are offered for sale in the repository, according to a report by security researcher Alex Kleber.
Kleber claims to have discovered five active Mac App Store accounts in his analysis, all belonging to a single actor and all distributing fake apps.
False pretexts
These accounts offer apps like “Work for Google Docs and Drive,” “Calendar for Google Calendar,” “Switcher for Chrome or Safari,” “PDF Editor for Adobe Acrobat,” and similar – all of which look like they come from official Google or Adobe profiles. The scammers even used original Google and Adobe icons for their solutions to underline the legitimacy of the apps.
Kleber says he has been tracking the scammer for years and reported him to Apple in 2022, after which the company deleted seven of his accounts.
“Despite this, the developer managed to return and continue the same activities by flooding multiple developer accounts with spam and using the same techniques to defraud MacOS App Store users,” he said. Apparently, they use multiple accounts to minimize the chances of all rogue apps being removed in one fell swoop.
“Techniques are used to trick users into buying applications by pretending they are the originals,” Kleber concluded. Some of the apps are designed in such a way that they cannot even be closed without the user buying a subscription.
The researcher briefly addressed how it was even possible for such apps to get into the repository, saying the campaign shows “how easy it can be to bypass the Apple Review team.”
TechRadar Pro has reached out to Apple for comment and will update the article once we receive a response.