BasedApparel.com, an online apparel store co-founded by Kash Patel, has been identified as a host for a malware attack targeting macOS users. This attack employs a 'Clickfix' technique, where users are misled into executing harmful commands by a fake Cloudflare verification page. When users visit the site, they encounter a warning about 'Unusual Web Traffic Detected,' prompting them to verify their humanity. However, the instructions lead them to open the Terminal utility and run a hidden command that retrieves a malicious shell script from a hacker-controlled domain. This script is designed to steal credentials from Chromium-based browsers and data from cryptocurrency wallets, packaging it into a zip file for transmission to the attackers. Security analysis revealed that the malicious payload was flagged by 27 antivirus engines, confirming its dangerous nature. The incident raises concerns about website security, as researchers suggest that the hackers may have exploited vulnerabilities in the site's infrastructure. Apple has introduced new safeguards in macOS to prevent such malware attacks by warning users against executing copied commands in Terminal.