The code first checks for the existence of window.ethereum, an object injected by wallet extensions like MetaMask. If no wallet is found, it proceeds with a passive attack.

Hmm...yes I forgot about MetaMask....thats probably the intended target.