FBI director's Based Apparel site has been spotted hosting a 'ClickFix' attack
3 hours ago
- #CyberSecurity
- #Scam
- #Malware
- An apparel site associated with former FBI director Kash Patel was found to be hosting a 'ClickFix'-style malware attack targeting macOS users.
- The attack tricks users by displaying a fake Cloudflare CAPTCHA page that prompts them to copy and run a malicious command in Terminal, which then downloads and executes an infostealer script.
- The malicious script is designed to steal credentials from Chromium-based browsers and cryptocurrency wallets, compressing the data into a zip file sent to a hacker-controlled domain.
- The payload was flagged by 27 antivirus engines as a Trojan and infostealer, highlighting the persistent threat of ClickFix attacks that exploit compromised websites.
- Apple has introduced a safeguard in macOS Tahoe 26.4 to warn users against running pasted commands in Terminal, emphasizing the need for vigilance against such scareware tactics.