The malware is called "FruitFly," and one of its variants, "FruitFly 2," has not infected that many people – just about 400 victims.
FruitFly was found by Malwarebytes and was a bit of a head scratcher. It did not appear to be complex and was programmed mainly to surreptitiously monitor victims through their webcams, capture their screens, and log keystrokes.
There was no indication of who could be behind it, and it contained "ancient" functions and "rudimentary" remote control capabilities, and had been around since 2015.
Now, according to Motherboard, the second version of FruitFly is even more puzzling.
Patrick Wardle, the former spy agency hacker who now develops free security tools for Apple computers and researches Mac security for the firm Synack, found FruitFly 2.
No anti-virus software detected it. More surprisingly, it looks like it has been lurking around for five or 10 years but only infected several hundred users.
No one knows how users get infected, or whether it takes advantage of a flaw in macOS's code, is installed via social engineering, or arrives some other way.
Apple is saying nothing, of course, because it is against the religion to believe that its products could ever contain security flaws.
However, the FBI is investigating the case, as it appears that some of the computers with FruitFly 2 belong to research facilities.