For people that can't grok the title and the article like me:
- BasedApparel.com is a website owned by a person that happens to be the FBI director now. (he owned it before he became the director if it matters)
- The website BasedApparel.com was hacked and the hackers added a malicious click here to verify you are human section that tried to have you download a malicious payload if you were on macos.
> he owned it before he became the director if it matters
All the more reason that those who "serve" in the government should be required to divest of their business interests. The traffic such a site would get due to the tribalism prevalent in US politics makes it a fat target, and potentially a national security threat.
Im a big fan of divesting in these scenarios but i dont know how that would help in this scenario specifically. His current role and his previous ownership made the site a target, but it would be a target regardless of who owns it currently.
It is the mix of high-security high-visibility national impact with organizations that are completely unequipped to operate in that arena.
> it would be a target regardless of who owns it currently.
The commonality of attacks makes it more important to eliminate distracting dependencies for critical leaders. Not less.
There is a reason top security clearances have requirements no normal organization could make on their employers. Lack of loose vectors is even more important for leaders.
So it's not where you buy those shirts that say "Female Body Inspector?"
[deleted]
> if you were on macos
Did they only target macOS? The article mentions macOS a lot, but AFAIK this attack changes the instructions based on the User-Agent. I've seen the exact page with instructions for Windows and PowerShell before.
Honestly, I can't think of a more deserving bunch of people than the owner and target customers of that website. Super genius people like that need entertaining challenges in their lives to perform at their peak.
>happens to be
This is not normal, other (decent) countries are not like this
Sarcasm is hard to spot in raw text.
Has it been hacked? I mean, Trump's accomplices running conspicuous scams would not exactly be a surprise. They are all immune from prosecution, after all.
> To protect the wiki against automated account creation, we kindly ask you to answer the question that appears below (more info):
What is the output of: LC_ALL=C pacman -V|sed -r "s#[0-9]+#$(date -u +%m)#g"|base32|head -1
Wait, they really do that...
If you can't understand that command before pasting it in your terminal, then you probably shouldn't be editing the Arch Linux wiki.
My issue with this style of verification is more that it normalises running commands right in the terminal. Commands that come from place you kind of trust. And poof at some point it will contain some nefarious code. Instead of using a package manager (the curl to bash variant) or running these commands in a container/vm.
They have a similar command for the Arch Linux forum, where beginners are encouraged to ask questions
Don't worry about it. Kick back and relax with some Kash Patel branded bourbon:
The economy is so bad even the Director of the FBI has a side gig.
> The attack seems to work by spanning various instructions that if run through macOS’s Terminal utility could steal stored credentials from Chromium-based browsers along with data from cryptocurrency wallets, placing them into a zip archive then sent to a hacker-controlled domain.
What is it about Chromium based browsers that this attack narrows down to? Is it something technical in the ease of stealing information or just the imagined market share by the attackers? As per Cloudflare’s statistics browser share on macOS [1], it seems like Google Chrome users are a little less than two thirds of the total user base. But Safari still holds one third of the user base. Ignoring Safari seems like a poor mistake.
I wonder if they aren't using the macOS keychain, while Safari does.
I would like to see serious cross-party dialogue on how to avoid ending up in a situation where there’s an FBI director who sells meme clothing.
I don’t think it’s unfair to blame cowardice and venality of individual Republican politicians in the face of being primaried, although it definitely needs an asterisk that we don’t know that the left’s Senators and Congressmen would do any better under the same situation.
Thank you Based God
What next? The trump phone shipping Chinese malware. Unthinkable!
It wouldn't be Chinese. It would be Russian.
To paraphrase Hickam's dictum, a phone can have as many sources of malware as it damn well pleases.
Amazes me that, after the events of the past 3 years, so many people still think Russia is the major foreign influence on our politics.
The existence of other influences does not diminish the fact that Trump is enamored with Putin (and most "strong man" dictators generally, but Putin in particular) and it does impact his foreign policy decisions and those of his administration (Hegseth straight up canceled weapons shipments to Ukraine for 2 weeks in the aftermath of the Oval Office meeting thinking it would please the boss).
Let’s add to it that people are still hyping up Trump/Russia connection.
I think Hilary Clinton is a terrible human being, but props on her play there. Truly both sad and insanely effective.
Don't be ridiculous, it would be Israeli.
They make the best, no doubt, but would the Trump phone have the best of anything?
Why not both?
To what point? Do we actually think Trump would use a Trump phone? Otherwise, they'd just be getting data on die hard MAGA types that have nothing to do with anything juicy
Having 600k extremely credulous people at your beck and call is a tempting target for any powerful actor.
Patel's site was just dropping sauce: overdose of sauce
And once again, another prime example that we do not live in a serious country
> The attack suggests a hacker compromised some portion of BasedApparel.com
For people that can't grok the title and the article like me:
- BasedApparel.com is a website owned by a person that happens to be the FBI director now. (he owned it before he became the director if it matters)
- The website BasedApparel.com was hacked and the hackers added a malicious click here to verify you are human section that tried to have you download a malicious payload if you were on macos.
> he owned it before he became the director if it matters
All the more reason that those who "serve" in the government should be required to divest of their business interests. The traffic such a site would get due to the tribalism prevalent in US politics makes it a fat target, and potentially a national security threat.
Im a big fan of divesting in these scenarios but i dont know how that would help in this scenario specifically. His current role and his previous ownership made the site a target, but it would be a target regardless of who owns it currently.
It is the mix of high-security high-visibility national impact with organizations that are completely unequipped to operate in that arena.
> it would be a target regardless of who owns it currently.
The commonality of attacks makes it more important to eliminate distracting dependencies for critical leaders. Not less.
There is a reason top security clearances have requirements no normal organization could make on their employers. Lack of loose vectors is even more important for leaders.
So it's not where you buy those shirts that say "Female Body Inspector?"
> if you were on macos
Did they only target macOS? The article mentions macOS a lot, but AFAIK this attack changes the instructions based on the User-Agent. I've seen the exact page with instructions for Windows and PowerShell before.
Honestly, I can't think of a more deserving bunch of people than the owner and target customers of that website. Super genius people like that need entertaining challenges in their lives to perform at their peak.
>happens to be
This is not normal, other (decent) countries are not like this
Sarcasm is hard to spot in raw text.
Has it been hacked? I mean, Trump's accomplices running conspicuous scams would not exactly be a surprise. They are all immune from prosecution, after all.
Oh, I also got one: https://wiki.archlinux.org/index.php?title=Special:CreateAcc...
> To protect the wiki against automated account creation, we kindly ask you to answer the question that appears below (more info): What is the output of: LC_ALL=C pacman -V|sed -r "s#[0-9]+#$(date -u +%m)#g"|base32|head -1
Wait, they really do that...
If you can't understand that command before pasting it in your terminal, then you probably shouldn't be editing the Arch Linux wiki.
My issue with this style of verification is more that it normalises running commands right in the terminal. Commands that come from place you kind of trust. And poof at some point it will contain some nefarious code. Instead of using a package manager (the curl to bash variant) or running these commands in a container/vm.
They have a similar command for the Arch Linux forum, where beginners are encouraged to ask questions
Don't worry about it. Kick back and relax with some Kash Patel branded bourbon:
https://www.theatlantic.com/politics/2026/05/kash-patel-fbi-...
You'll feel better in no time.
Why does the FBI director have a merch store...?
The economy is so bad even the Director of the FBI has a side gig.
> The attack seems to work by spanning various instructions that if run through macOS’s Terminal utility could steal stored credentials from Chromium-based browsers along with data from cryptocurrency wallets, placing them into a zip archive then sent to a hacker-controlled domain.
What is it about Chromium based browsers that this attack narrows down to? Is it something technical in the ease of stealing information or just the imagined market share by the attackers? As per Cloudflare’s statistics browser share on macOS [1], it seems like Google Chrome users are a little less than two thirds of the total user base. But Safari still holds one third of the user base. Ignoring Safari seems like a poor mistake.
[1]: https://radar.cloudflare.com/reports/browser-market-share-20...
I wonder if they aren't using the macOS keychain, while Safari does.
I would like to see serious cross-party dialogue on how to avoid ending up in a situation where there’s an FBI director who sells meme clothing.
I don’t think it’s unfair to blame cowardice and venality of individual Republican politicians in the face of being primaried, although it definitely needs an asterisk that we don’t know that the left’s Senators and Congressmen would do any better under the same situation.
Thank you Based God
What next? The trump phone shipping Chinese malware. Unthinkable!
It wouldn't be Chinese. It would be Russian.
To paraphrase Hickam's dictum, a phone can have as many sources of malware as it damn well pleases.
Amazes me that, after the events of the past 3 years, so many people still think Russia is the major foreign influence on our politics.
The existence of other influences does not diminish the fact that Trump is enamored with Putin (and most "strong man" dictators generally, but Putin in particular) and it does impact his foreign policy decisions and those of his administration (Hegseth straight up canceled weapons shipments to Ukraine for 2 weeks in the aftermath of the Oval Office meeting thinking it would please the boss).
Let’s add to it that people are still hyping up Trump/Russia connection.
I think Hilary Clinton is a terrible human being, but props on her play there. Truly both sad and insanely effective.
Don't be ridiculous, it would be Israeli.
They make the best, no doubt, but would the Trump phone have the best of anything?
Why not both?
To what point? Do we actually think Trump would use a Trump phone? Otherwise, they'd just be getting data on die hard MAGA types that have nothing to do with anything juicy
Having 600k extremely credulous people at your beck and call is a tempting target for any powerful actor.
Patel's site was just dropping sauce: overdose of sauce
And once again, another prime example that we do not live in a serious country
> The attack suggests a hacker compromised some portion of BasedApparel.com