Recent intelligence indicates a new technique employed by stealers to trick victims into entering credentials directly into a browser, enabling subsequent theft from the browser’s credential store. This method, used in conjunction with StealC malware, was first observed in August 2024 and is primarily deployed by Amadey.
Source: GBHackers