just posting what i read
https://blog.malwarebytes.com/threat-analysis/2017/01/new-mac-backdoor-using-antiquated-code/
a malware that use old mac , and linux code that can take screenshot and possibly mouse cursor position
-sorry for poor post did this very quick