An apparel store linked to FBI Director Kash Patel went offline after being flagged for distributing “ClickFix” wallet-draining malware. The website, Based Apparel, prompted macOS users to run a terminal command that installed an infostealer designed to steal session tokens and cryptocurrency. This marks the second crypto-related incident involving Patel, following a previous data leak that spawned meme coins.
An apparel store linked to FBI Director Kash Patel appeared to go offline after onlookers warned that Based Apparel’s website pushed wallet-draining malware. Until the website went dark, macOS visitors were prompted to install “ClickFix” malware by copying a terminal command, which put session tokens and crypto wallets at risk according to a user on X.
MetaMask flagged the site as “potentially deceptive,” warning users of “malicious transactions resulting in stolen assets.” The attack was reproduced by PCMag, though the site now states “the store will be back online shortly—bolder than ever.”
Infostealer malware secretly extracts sensitive data, and the FBI said it was recently investigating several PC games on Steam that installed similar software. It is unclear if the compromise at Based Apparel, which receives an estimated 33,600 monthly visits according to ahrefs, sparked significant losses.
The venture is owned by Patel and Andrew Ollis, who serves as CEO of the Kash Foundation board. Visitors to the Kash Foundation, a nonprofit founded by Patel, are directed to Based Apparel through one of its primary menus, as reported by The Guardian.
The organization’s website states Patel is no longer affiliated and clarifies the foundation is not associated with government agencies like the FBI. This is the second time Patel has faced crypto-related issues, following a previous incident where Iranian hackers leaked his personal data, after which a bevy of Patel-themed meme coins emerged.
