^ I don't know how it will work either but as far as I know, these attackers can possibly steal your fund through to have display a fake login screen or prompt the user to enter their seed phrase, which is then stolen by the attacker. Another tactic is to intercept transactions and replace the intended recipient's address with the attacker's address, resulting in the loss of the user's funds.
All kinds of wallets are not safe once your device gets infected with the virus, so we should be thankful of what OP shared here because if I were on that side, I did not also connect my wallet.
Some of the classic ways of stealing assets in wallets are using web phishing and the second way is being infected with a malware virus that automatically replaces the address of the hacker stored in a hidden file, so make sure the anti-virus on your PC is always active in realtime mode to detect viruses at any time. However, it is recommended not to use the main wallet access on the PC to avoid malware viruses on the PC that are not detected, so keep improving your PC's security features.