An Iranian espionage group has been using an unsophisticated strain of malware, dubbed MacDownloader, to steal credentials and other data from Mac users. The malicious code was disguised by nation-state hackers as a Flash Player update and a Bitdefender adware removal tool. The malware was first poorly developed and created towards the end of 2016, the experts noticed its code was copied from other sources. The main purpose of the malware seems to be to perform an initial profiling of the infected system and collection of credentials from Macs Keychain password manager.”]
Source: http://securityaffairs.co/wordpress/56095/intelligence/macdownloader-iranian-hackers.html