Researchers at F-Secure have discovered malware targeting OS X. Malware leverages a technique called Right-to-Left override (RLO) in order to spoof its malicious nature. RLO is used in bi-directional text encoding systems as a way to mark the start of text that should be displayed from right to left. The malware is signed by a legitimate Apple Developer ID, which may help it bypass some of the controls on a Mac depending on how the user configured their security settings.”]
Source: https://www.csoonline.com/article/2133709/signed-macintosh-malware-uses-right-to-left-override.html