The threat actor, likely located in the Commonwealth of Independent States (CIS), strategically targeted a spectrum of operating systems and computer architectures in the credential harvesting campaign, including Windows and macOS.
Source: cyware.com