1. Forum
  2. tqwNet
  3. TQW GENTECH

  • Kash Patel's 'BasedApparel' website is apparently hosting ClickFi

    From TechnologyDaily@1337:1/100 to All on Tue May 26 19:30:27 2026
    Kash Patel's 'BasedApparel' website is apparently hosting ClickFix malware

    Date:
    Tue, 26 May 2026 18:20:00 +0000

    Description:
    The malware targets macOS users only and serves commodity infostealers.

    FULL STORY ======================================================================Copy link Facebook X Whatsapp Reddit Pinterest Flipboard Threads Email Share this article 0 Join the conversation Follow us Add us as a preferred source on Google Newsletter Subscribe to our newsletter Researcher finds Based Apparel site serving a macOS ClickFix infostealer disguised as a Cloudflare CAPTCHA check Victims were tricked into pasting malicious Applescript commands in Terminal, with VirusTotal flagging the malware as a commodity Trojan/infostealer The site, built on WordPress/WooCommerce and Ghost CMS,
    was taken offline after disclosure, linking the incident to broader Ghost CMS exploitation in ongoing ClickFix campaigns Based Apparel, an American online clothing company selling patriotic, conservative, and profree speech-themed merchandise, was seemingly compromised and used to serve malware through the ClickFix technique - but only macOS users were targeted.

    A researcher with the alias debbie disclosed her findings to PC Mag , before sharing video proof on X, after saying she read online about Based Apparel being co-founded by FBI Director Kash Patel and decided to take a closer
    look. The ClickFix attack just kinda popped up when I was browsing it, Debbie said in an email. I took a quick look and it's just a classic infostealer, wrapped twice in base64 (binary-to-text encoding). It's interesting that it's written in Applescript though. Latest Videos From You may like Mac users beware experts say this attack 'stood out immediately' by making a major change to try spread malware Another worrying macOS malware scheme has been discovered here's how to stay safe 'The prevailing wisdom used to be that macOS was at lower risk of malware infection compared to Windows...thats no longer the case': Experts warn Mac infostealers are on the rise - here's how to stay safe Links to Ghost CMS? The victims were asked to verify they were human, on a CAPTCHA page seemingly coming from Cloudflare. This spoofed Cloudflare site will tell the victim that unusual web traffic was detected, and will ask the victim to confirm theyre human by opening the Terminal and paste a command shared on the page.

    Running the infostealer through VirusTotal, PC Mag found it was flagged by 27 antivirus engines as a Trojan and infostealer, meaning its commodity malware rather than a custom-built solution for targeted attacks.

    Based Apparel is yet to comment, but its website is offline for the time being. At press time, the site showed a Well be right back message that
    stated the company is making improvements.

    The website is seemingly built using two content management systems - WordPress with WooCommerce for the store functionality, and Ghost CMS for the separate news subdomain. Are you a pro? Subscribe to our newsletter Sign up
    to the TechRadar Pro newsletter to get all the top news, opinion, features
    and guidance your business needs to succeed! Contact me with news and offers from other Future brands Receive email from us on behalf of our trusted partners or sponsors By submitting your information you agree to the Terms & Conditions and Privacy Policy and are aged 16 or over.

    Earlier today, we reported that a critical-severity vulnerability in Ghost
    CMS , patched in February 2026, was also being abused against more than 700 domains to launch ClickFix attacks. The best antivirus for all budgets Our
    top picks, based on real-world testing and comparisons

    Read our full guide to the best antivirus 1. Best overall: Bitdefender Total Security 2. Best for families: Norton 360 with LifeLock 3. Best for mobile: McAfee Mobile Security Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds.



    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/kash-patels-basedapparel-website-is-app arently-hosting-clickfix-malware


    --- Mystic BBS v1.12 A49 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)