Mac Under Attack by North Korean Spies — How to Protect Yourself

Remember those lovely North Korean hackers who destroyed Sony Pictures' computers, spread the WannaCry ransomware worm around the world, and stole $100 million from Bangladesh's central bank? Well, they are back and attacking Macs.

Malwarebytes researchers announced today (May 6) that the Lazarus Group, also known as Hidden Cobra, has repurposed a Linux version of the Dacls Remote Access Trojan (RAT) to run on the Mac. A RAT sneaks onto a machine and gives a remote attacker partial or complete control.

"This Mac version is distributed via at least a Trojanized two-factor authentication application for macOS called MinaOTP, which is used primarily by Chinese-speaking people," explains a Malwarebytes blog post.

"It boasts a variety of features, including command execution, file management, traffic proxying, worm scanning, etc."

We would usually say that there is not much to fear from state-sponsored hackers. U.S., Chinese, and Russian cyberespionage units usually just want information on diplomats, military personnel, defense contractors, politicians, etc.

But North Korean hackers have no problem committing the usual crimes to make money. In other words, this new Mac malware could be nothing more than the targeting of a specific individual in China, or it could be the beginning of a sustained large-scale espionage campaign. (The Lazarus Group has been stealing cryptocurrency from Mac users for nearly two years.)

In any case, the best way to avoid this Mac RAT is to install and run the best Mac anti-virus software; Microsoft, Kaspersky, Trend Micro, and of course Malwarebytes already have signatures.
