Kash Patel merch site hacked to trick users into installing malware
Straight Arrow News - SAN • • technology
Key Points:
- The website Based Apparel, selling merchandise related to FBI Director Kash Patel, was hacked and used to trick visitors into downloading malware via a deceptive Cloudflare verification page.
- The malware, identified as an infostealer, was designed to steal login credentials, browser cookies, cryptocurrency extension data, Apple Notes, and keychain passwords from Mac users.
- A payment skimmer was also discovered on the site’s checkout page, potentially compromising customers’ credit card information, with the attack enabled by a malicious WordPress plugin.
- The FBI stated Patel divested from Based Apparel before becoming FBI director and does not profit from the site, while declining to confirm if it is investigating the hack.
- This incident follows a recent breach of Patel’s private email by an Iranian-linked hacker group, which exposed over 300 emails including personal information.