If you can't see how things are running (coding), wouldn't that make it harder to attack such code or network?
The answer is pretty simple: the most popular projects are open source and they are very secure, from Linux to Bitcoin Core and Electrum. Everyone sees "how things are run" and they are still secure.
In some cases they only need to look like the original, and obviously the code is going to differ somewhat for the scam to occur.
They actually don't need to look like the original at all. All they need is the name.
Think about their target victims. They are either people who have never used the software before, so they already don't know what it looks like, or they are people who want to upgrade to a newer version, in which case all the malicious software has to do is to tell them "it's a new version where the UI was changed!".
Besides, it is trivial to look at the UI and create something that looks similar.