Kash Patel-Linked Apparel Store Goes Dark After Pushing Crypto-Stealing Malware
The Based Apparel website, connected to Kash Patel and Andrew Ollis, went offline after being flagged for distributing “ClickFix” malware that targeted macOS users by prompting them to execute a command in their terminal. This malware, an infostealer, risked exposing users’ session tokens, browser data, and crypto wallets. MetaMask flagged the site as “potentially deceptive,” warning users of possible asset theft. PCMag confirmed the malware attack, though Decrypt could not, and the website currently displays a maintenance notice. Infostealer malware has existed since at least 2006 and remains under FBI scrutiny; recent investigations have targeted Steam games linked to similar threats. It is unclear if this incident led to significant financial losses. Based Apparel typically attracts about 33,600 monthly visitors. The brand is promoted through the Kash Foundation, a nonprofit originally founded by Patel but now unaffiliated with him and not connected to the FBI. Patel has previously been targeted by crypto-related attacks, including doxxing by Iranian hackers and meme coin scams.
