OpenAI’s video generation app Sora achieved a remarkable milestone, hitting one million downloads within just five days of launch. But this viral success immediately attracted a swarm of fraudulent applications that exploited Apple’s App Store ecosystem to deceive users and extract subscription fees.

The scam apps bore deceptive names like “Sora AI Video Generator,” “Sora 2,” and “Sora 2 Pro,” deliberately mimicking the official OpenAI product to hijack search traffic[1][2]. These impostor applications climbed to the top of App Store search results for “Sora,” with at least two reaching the coveted Top 10 rankings before Apple removed them[1].

How the Scams Operated

The fraudulent developers employed a calculated strategy to deceive users. Many repurposed existing codebases from older applications, stripping away generic branding and replacing it with OpenAI’s Sora logo and visual identity[1]. They then bolted on fake “video generation” features that gave the appearance of functionality without delivering the actual AI capabilities.

Unlike the official Sora app, which initially launched with invite-only access[1], these clone applications were publicly available and accepted immediate downloads. This accessibility, combined with their prominent placement in search results, allowed the scammers to rack up thousands of paid subscriptions before Apple’s moderation team intervened[1].

Apple’s App Review Under Scrutiny

The incident has reignited criticism of Apple’s App Review process, particularly its handling of trademarked names and unlicensed AI features[1]. The fact that multiple apps using OpenAI’s branding and intellectual property made it through the approval process and achieved high rankings raises questions about the effectiveness of Apple’s quality control measures during viral launches.

This isn’t the first time scammers have exploited the gap between a major AI product launch and effective App Store moderation. ChatGPT faced identical problems when it launched, with copycat apps extracting significant revenue from confused users before removal[1].

The Broader Implications

When a high-profile application achieves viral status, scammers can exploit the lag time between launch and enforcement to generate substantial revenue. The approval process, combined with App Store search algorithms, creates a window of opportunity for bad actors to capitalize on brand recognition and user confusion. By the time Apple removes the fraudulent apps, thousands of users have already subscribed and paid for services that don’t deliver on their promises.

The Sora incident demonstrates an ongoing challenge for platform holders: balancing efficient app approval processes with thorough vetting, especially during periods of heightened user interest in trending technologies. As AI applications continue to capture public attention, this vulnerability in the app distribution ecosystem remains a significant concern for both users and legitimate developers.

Sources:

[1] https://www.rundown.ai/articles/sora-clones-flood-app-store

[2] https://apple.gadgethacks.com/news/fake-sora-apps-flood-app-store-as-ai-scams-surge-300/

[3] https://apps.apple.com/us/app/sora-by-openai/id6744034028

Photo by SamuelFJohanns on Pixabay