Dinesh Devadoss, a malware researcher at the firm K7 Lab, found the malware, which he called ThiefQuest, and it really does show up Apple’s faith-based security.
ThiefQuest has a whole other set of spyware capabilities that allow it to exfiltrate files from an infected computer, search the system for passwords and cryptocurrency wallet data, and run a robust keylogger to grab passwords, credit card numbers, or other financial information as a user types it in.
The spyware component also lurks persistently as a backdoor on infected devices, meaning it sticks around even after a computer reboots, and could be used as a launchpad for additional, or "second stage", attacks.
The Tame Apple Press has done its best to play down the threat of the malware. It claims that Apple fanboys are perfectly safe unless they download pirated software which has not been officially blessed by Apple.
Thomas Reed, director of Mac and mobile platforms at the security firm Malwarebytes, found that ThiefQuest is being distributed on torrent sites bundled with name-brand software, like the security application Little Snitch, DJ software Mixed In Key, and music production platform Ableton.
K7's Devadoss notes that the malware itself is designed to look like a "Google Software Update program".
For your Mac to become infected, you would need to torrent a compromised installer and then dismiss a series of warnings from Jobs’ Mob to run it.