FBI director's Based Apparel site has been spotted hosting a 'ClickFix' attack

hckrnws

FBI director's Based Apparel site has been spotted hosting a 'ClickFix' attack

(pcmag.com)

186

by bilalq

analogpixel
191d
For people that can't grok the title and the article like me:
- BasedApparel.com is a website owned by a person that happens to be the FBI director now. (he owned it before he became the director if it matters)
- The website BasedApparel.com was hacked and the hackers added a malicious click here to verify you are human section that tried to have you download a malicious payload if you were on macos.
1. bdcravens
  111d
  > he owned it before he became the director if it matters
  All the more reason that those who "serve" in the government should be required to divest of their business interests. The traffic such a site would get due to the tribalism prevalent in US politics makes it a fat target, and potentially a national security threat.
  1. abc123abc123
    815h
    This is not good. What it achieves, is that the quality of people who assume office sinks even lower than it is today, since anyone with a modicum of competence, would never divest a business for a low paid, public job.
    On the other hand... you _do_ have a point here. Care must be taken to make sure that the persons business does not profit by the PR and media exposure related to the position they are taking.
    I don't know how to do this. Maybe someone else runs their business at arms length? Maybe tracking the revenue and profit to catch sudden upward swings?
    And adding to this, it should of course be completely illegal for politicians, US and other nations, to profit from insider trading.
    compass_copium
    315h
2. gensym
  123h
  So it's not where you buy those shirts that say "Female Body Inspector?"
  1. [deleted]
    021h
    [deleted]
3. mzajc
  01d
  > if you were on macos
  Did they only target macOS? The article mentions macOS a lot, but AFAIK this attack changes the instructions based on the User-Agent. I've seen the exact page with instructions for Windows and PowerShell before.
4. anigbrowl
  020h
  Honestly, I can't think of a more deserving bunch of people than the owner and target customers of that website. Super genius people like that need entertaining challenges in their lives to perform at their peak.
5. morkalork
  11d
  >happens to be
  This is not normal, other (decent) countries are not like this
  1. zombot
    022h
    Sarcasm is hard to spot in raw text.
6. zombot
  022h
  Has it been hacked? I mean, Trump's accomplices running conspicuous scams would not exactly be a surprise. They are all immune from prosecution, after all.
J-Kuhn
822h
Oh, I also got one: https://wiki.archlinux.org/index.php?title=Special:CreateAcc...
> To protect the wiki against automated account creation, we kindly ask you to answer the question that appears below (more info): What is the output of: LC_ALL=C pacman -V|sed -r "s#[0-9]+#$(date -u +%m)#g"|base32|head -1
Wait, they really do that...
1. alright2565
  722h
breve
023h
Don't worry about it. Kick back and relax with some Kash Patel branded bourbon:
https://www.theatlantic.com/politics/2026/05/kash-patel-fbi-...
You'll feel better in no time.
newscracker
11d
> The attack seems to work by spanning various instructions that if run through macOS’s Terminal utility could steal stored credentials from Chromium-based browsers along with data from cryptocurrency wallets, placing them into a zip archive then sent to a hacker-controlled domain.
What is it about Chromium based browsers that this attack narrows down to? Is it something technical in the ease of stealing information or just the imagined market share by the attackers? As per Cloudflare’s statistics browser share on macOS [1], it seems like Google Chrome users are a little less than two thirds of the total user base. But Safari still holds one third of the user base. Ignoring Safari seems like a poor mistake.
[1]: https://radar.cloudflare.com/reports/browser-market-share-20...
1. a_t48
  019h
rbobby
120h
The economy is so bad even the Director of the FBI has a side gig.
1. bdangubic
  016h
  President himself has several
NDlurker
141d
Thank you Based God
1. ray_v
  121d
  What next? The trump phone shipping Chinese malware. Unthinkable!
josephcsible
011h
https://xkcd.com/932/
swarnie
020h
Why does the FBI director have a merch store...?
Group_B
01d
And once again, another prime example that we do not live in a serious country
petesergeant
120h
I would like to see serious cross-party dialogue on how to avoid ending up in a situation where there’s an FBI director who sells meme clothing.
I don’t think it’s unfair to blame cowardice and venality of individual Republican politicians in the face of being primaried, although it definitely needs an asterisk that we don’t know that the left’s Senators and Congressmen would do any better under the same situation.
1. incidentist
  09h
  I would say it is up to republicans to do something about the clowns they appointed into high level office, and it’s up to democrats to continue their pattern of not appointing clowns like this into high level office.
mjmas
01d
> The attack suggests a hacker compromised some portion of BasedApparel.com
iamkrazy
418h
Would this be a news if it was not owned by FBI director? Do we really expect the FBI director to be responsible for this? He probably outsourced it to some company. This is an inflammatory headline.
1. toofy
  318h
  it’s absolutely news worthy.
  we do (and absolutely should) have higher expectations of the head of one of the most powerful organizations in the world. said organization that goes after malicious actors makes it even more newsworthy.