Mac security expert Patrick Wardle says OSX/MaMi is still a work in progress. The malware is distributed in the form of an unsigned Mach-O 64-bit binary. Wardle fears the malware could evolve pretty quick and might have more secrets hidden in its code. The current version of this malware does not support most of these features, but can only get boot persistence, install a local certificate, and set up custom DNS server settings. The first victim appears to be a teacher who suspected a malware infection after realizing he/she couldn’t change their Mac’s DNS servers.
Source: https://www.bleepingcomputer.com/news/apple/the-first-mac-malware-of-2018-is-a-dns-hijacker-called-mami/