Based Apparel website goes offline after malware attack targeting crypto wallets

Based Apparel, the merchandise store co-founded by FBI Director Kash Patel before he took office, has been pulled offline after security researchers discovered the site was serving malware designed to steal cryptocurrency wallet credentials from visitors.

The site went dark on May 22, 2026, roughly one day after reports surfaced on X flagging the compromise. The attack specifically targeted macOS users and was capable of siphoning data from more than 200 crypto wallet browser extensions.

How the attack worked

Visitors to Based Apparel were presented with what appeared to be a legitimate Cloudflare validation check. Instead of verifying the user was human, the prompt tricked visitors into executing malicious terminal commands on their machines.

Once inside, the malware went to work harvesting browser credentials, session tokens, and sensitive data. The payload was particularly focused on crypto wallet browser extensions, with more than 200 different extensions in its crosshairs. MetaMask users reportedly received warnings about malicious transactions connected to their activity on the site before it was taken offline.