https://www.bleepingcomputer.com/news/security/new-cloudmensis-malware-backdoors-macs-to-steal-victims-data/
New CloudMensis malware backdoors Macs to steal victims' data
CloudMensis' capabilities clearly show that its operators' main goal is to collect sensitive info from infected Macs through various means.
These include screenshots, exfiltration of documents and keystrokes, as well as listing email messages, attachments, and files stored from removable storage.
The malware comes with support for dozens of commands, allowing its operators to perform a long list of actions on infected Macs, including:
Change values in the CloudMensis configuration: cloud storage providers and authentication tokens, file extensions deemed interesting, polling frequency of cloud storage, etc.
List running processes
Start a screen capture
List email messages and attachments
List files from removable storage
Run shell commands and upload the output to cloud storage
Download and execute arbitrary files