FBI director's Based Apparel site has been spotted hosting a 'ClickFix' attack(www.pcmag.com)
76 pointsby bilalq3 hours ago7 comments
  • analogpixel3 hours ago
    For people that can't grok the title and the article like me:

    - BasedApparel.com is a website owned by a person that happens to be the FBI director now. (he owned it before he became the director if it matters)

    - The website BasedApparel.com was hacked and the hackers added a malicious click here to verify you are human section that tried to have you download a malicious payload if you were on macos.

    • bdcravens3 hours ago
      > he owned it before he became the director if it matters

      All the more reason that those who "serve" in the government should be required to divest of their business interests. The traffic such a site would get due to the tribalism prevalent in US politics makes it a fat target, and potentially a national security threat.

    • gensyman hour ago
      So it's not where you buy those shirts that say "Female Body Inspector?"
    • mzajc2 hours ago
      > if you were on macos

      Did they only target macOS? The article mentions macOS a lot, but AFAIK this attack changes the instructions based on the User-Agent. I've seen the exact page with instructions for Windows and PowerShell before.

    • morkalork2 hours ago
      >happens to be

      This is not normal, other (decent) countries are not like this

  • breve22 minutes ago
    Don't worry about it. Kick back and relax with some Kash Patel branded bourbon:

    https://www.theatlantic.com/politics/2026/05/kash-patel-fbi-...

    You'll feel better in no time.

  • J-Kuhn8 minutes ago
    Oh, I also got one: https://wiki.archlinux.org/index.php?title=Special:CreateAcc...

    > To protect the wiki against automated account creation, we kindly ask you to answer the question that appears below (more info): What is the output of: LC_ALL=C pacman -V|sed -r "s#[0-9]+#$(date -u +%m)#g"|base32|head -1

    Wait, they really do that...

  • newscrackeran hour ago
    > The attack seems to work by spanning various instructions that if run through macOS’s Terminal utility could steal stored credentials from Chromium-based browsers along with data from cryptocurrency wallets, placing them into a zip archive then sent to a hacker-controlled domain.

    What is it about Chromium based browsers that this attack narrows down to? Is it something technical in the ease of stealing information or just the imagined market share by the attackers? As per Cloudflare’s statistics browser share on macOS [1], it seems like Google Chrome users are a little less than two thirds of the total user base. But Safari still holds one third of the user base. Ignoring Safari seems like a poor mistake.

    [1]: https://radar.cloudflare.com/reports/browser-market-share-20...

  • NDlurker3 hours ago
    Thank you Based God
    • ray_v3 hours ago
      What next? The trump phone shipping Chinese malware. Unthinkable!
      • jmward012 hours ago
        It wouldn't be Chinese. It would be Russian.
        • tdeck10 minutes ago
          Don't be ridiculous, it would be Israeli.
        • kibwen2 hours ago
          To paraphrase Hickam's dictum, a phone can have as many sources of malware as it damn well pleases.
        • Georgelementalan hour ago
          Amazes me that, after the events of the past 3 years, so many people still think Russia is the major foreign influence on our politics.
          • dralley39 minutes ago
            The existence of other influences does not diminish the fact that Trump is enamored with Putin (and most "strong man" dictators generally, but Putin in particular) and it does impact his foreign policy decisions and those of his administration (Hegseth straight up canceled weapons shipments to Ukraine for 2 weeks in the aftermath of the Oval Office meeting thinking it would please the boss).
        • wmf2 hours ago
          Why not both?
          • dylan6042 hours ago
            To what point? Do we actually think Trump would use a Trump phone? Otherwise, they'd just be getting data on die hard MAGA types that have nothing to do with anything juicy
    • BoorishBearsan hour ago
      Patel's site was just dropping sauce: overdose of sauce
  • Group_B2 hours ago
    And once again, another prime example that we do not live in a serious country
  • mjmas3 hours ago
    > The attack suggests a hacker compromised some portion of BasedApparel.com