Threat actors have been seen targeting Mac users with the Dridex malware.
Although the malware is not new, this variant appears to still be under development as the final payload was an executable.
The initial file analyzed arrived as a Mach-o executable that performed discovery routines and writes malicious code to files with a doc extension.
The malware continues the malicious activity by enabling macros and retrieving additional payloads from decrypted URLS.
The current impact to MacOS users is minimal due to the payload file extension, however it may prove to be effective upon further development.