A new campaign delivers a sophisticated infostealer using Node.js, disguised through websites offering pirated software and cheats. This malware bypasses browser security using DLL injection to steal credentials and cookies, and now employs direct API calls for stealthier operation. It aggressively collects sensitive data, including cryptocurrency wallets, and adapts to each compromised system.