Skip to content
https://abc.microfintool.com/

ABC Tool

  • Home
  • About / Contect
    • PRIVACY POLICY
Kash Patel’s Apparel Site Is Trying To Trick Visitors Into Installing Malware

Kash Patel’s Apparel Site Is Trying To Trick Visitors Into Installing Malware

Posted on May 23, 2026 By safdargal12 No Comments on Kash Patel’s Apparel Site Is Trying To Trick Visitors Into Installing Malware
Blog

[ad_1]

An apparel site from FBI director Kash Patel has been spotted trying to trick macOS users into installing malware. 

The site, BasedApparel.com, is part of a merchandise brand that Patel co-created with Andrew Ollis prior to becoming FBI director under the Trump administration. On Thursday, a user based in Portugal spotted the online shop hosting a “ClickFix”-style attack that tries to dupe unsuspecting users into running a malicious command on their Mac computers. 

The attack seems to work as the user visits BasedApparel.com; a victim will encounter the site showing a page pretending to come from Cloudflare, which powers “Verify you are human” CAPTCHA tests and offers DDoS protection. 

The fake Cloudflare page will show a warning saying “Unusual Web Traffic Detected,” while also requiring the user to verify that they’re human. But to do so, the page posts some unusual instructions that call for the user to open Terminal, a built-in utility in macOS that can execute programs.

(PCMag)

The user is then told to click the “Copy” button on the page to copy the command “I am not a robot: Cloudflare Verification ID: 801470.” But in reality, clicking the button will actually copy a much longer obfuscated text that looks like gibberish, although it’s actually a hidden command.

the copied command

The actual copied command when you click the copy button. (PCMag)

The user is then told to paste and run the command in Terminal, thus executing the instructions without realizing the danger. The hidden command will decode, and fetch a shell script containing a list of commands from the hacker-controlled web domain.

PCMag encountered the attack while navigating BasedApparel.com on a MacBook, although we were only able to trigger the fake Cloudflare page once over the Chrome browser. 


This Tweet is currently unavailable. It might be loading or has been removed.

The user on X who flagged the threat, “debbie,” told PCMag she encountered the attack after reading an article in The Atlantic about Patel that linked to the Based Apparel site. “The ClickFix attack just kinda popped up when I was browsing it,” Debbie said in an email. “I took a quick look and it’s just a classic infostealer, wrapped twice in base64 (binary-to-text encoding). It’s interesting that it’s written in Applescript though.” 

debbie, who described herself as a “big nerd,” managed to retrieve the malicious shell script payload, which we ran through VirusTotal. The payload was flagged by 27 antivirus engines as malicious, classifying it as Trojan and infostealer. The attack seems to work by spanning various instructions that if run through macOS’s Terminal utility could steal stored credentials from Chromium-based browsers along with data from cryptocurrency wallets, placing them into a zip archive then sent to a hacker-controlled domain.  

The attack suggests a hacker compromised some portion of BasedApparel.com when the ClickFix threat has remained pervasive in recent years, fooling less tech-savvy users. Security researchers have warned that the hackers behind ClickFix schemes have been circulating their attacks by stealing the login credentials for legitimate websites, tampering with exposed admin panels, or hitting vulnerable plugins. 

Based Apparel didn’t immediately respond to a request for comment. But the attack is a reminder to be vigilant around pop-ups and other scareware tactics. Apple recently introduced a safeguard in macOS Tahoe 26.4 that can stop and warn users against running copied-and-pasted commands into the Terminal utility, citing the potential of malware.

About Our Expert

Michael Kan

Michael Kan

Principal Reporter


Experience

I’ve been a journalist for over 15 years. I got my start as a schools and cities reporter in Kansas City and joined PCMag in 2017, where I cover satellite internet services, cybersecurity, PC hardware, and more. I’m currently based in San Francisco, but previously spent over five years in China, covering the country’s technology sector.

Since 2020, I’ve covered the launch and explosive growth of SpaceX’s Starlink satellite internet service, writing 600+ stories on availability and feature launches, but also the regulatory battles over the expansion of satellite constellations, fights with rival providers like AST SpaceMobile and Amazon, and the effort to expand into satellite-based mobile service. I’ve combed through FCC filings for the latest news and driven to remote corners of California to test Starlink’s cellular service.

I also cover cyber threats, from ransomware gangs to the emergence of AI-based malware. In 2024 and 2025, the FTC forced Avast to pay consumers $16.5 million for secretly harvesting and selling their personal information to third-party clients, as revealed in my joint investigation with Motherboard.

I also cover the PC graphics card market. Pandemic-era shortages led me to camp out in front of a Best Buy to get an RTX 3000. I’m now following how the AI-driven memory shortage is impacting the entire consumer electronics market. I’m always eager to learn more, so please jump in the comments with feedback and send me tips.


Read Full Bio



[ad_2]

Source link

Post Views: 16

Post navigation

❮ Previous Post: Flipper Zero’s makers are cooking up a wildly customizable Linux computer
Next Post: Meta’s Forum is part Reddit, part Facebook, and part Google AI Overview ❯

You may also like

Samsung Featured Dua Lipa on Its TV Packaging. Now, She’s Suing for M
Blog
Samsung Featured Dua Lipa on Its TV Packaging. Now, She’s Suing for $15M
May 11, 2026
Xiaomi 18 Pro Max tipped to use Snapdragon 8 Elite Gen 6 Pro SoC
Blog
Xiaomi 18 Pro Max tipped to use Snapdragon 8 Elite Gen 6 Pro SoC
April 21, 2026
Sam Altman throws shade at Anthropic’s cyber model, Mythos: ‘fear-based marketing’
Blog
Sam Altman throws shade at Anthropic’s cyber model, Mythos: ‘fear-based marketing’
April 21, 2026
How to Stream ‘Love Island USA’ Season 8 on Peacock
Blog
How to Stream ‘Love Island USA’ Season 8 on Peacock
May 29, 2026

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Recent Posts

  • Whoops! Microsoft Outlook Mac Update Removes Email Conversation History
  • Anthropic’s New Claude Tag Acts as a Virtual Coworker in Slack
  • Google Home will soon get better at recognizing you
  • Meta Pauses Employee-Tracking Program Following Internal Data Leak
  • White House drastically shortens deadline for dropping quantum-vulnerable crypto

Recent Comments

  1. Pakistan's Football Industry: Complete Guide (2026) – Manufacturing, Exports, Business & Future Growth (Part-1) - Micro Finance Tool on WhatsApp is now testing its subscription service, here's what you get and how much it costs
  2. Budget Calculator: Your Complete Guide to Better Money Management - Micro Finance Tool on White House drastically shortens deadline for dropping quantum-vulnerable crypto
  3. Samsung’s upcoming foldables leak in a very interesting size comparison - ABC Tool on iPhone 18 Pro camera upgrade 'confirmed' by another rumor
  4. Aeroski 2.0 Ski Fitness Workout Machine Review & Product Info on Gaming at the Gym? Here’s How to Sneak Some Playtime Into Workouts
  5. AI Logo Generator on Tech giant Oracle cuts 21,000 jobs as it embraces AI

Archives

  • June 2026
  • May 2026
  • April 2026

Categories

  • Blog

Copyright © 2026 ABC Tool.

Theme: Oceanly News by ScriptsTown