It has been discovered by the cybersecurity expert Patrick Wardle. It is a variant of Pirrit, and has been designed to install itself as a Safari extension.
The cyber security experts: It’s present in online forums-torrent sites linked to MacOS software. The malware incorporates a keylogger, a reverse shell and can empty cryptocurrency wallets.
Trend Micro: Cybercrime spread MacOS.GMERA trojan, disguised as Stockfolio. It’s used to steal user information and it’s evolving. To date, two samples were already discovered.