Regardless of what Apple's enthusiastic marketing often claims, Mac's aren't immune to malware as this story explains. 

The Remote Access Trojan (RAT) has an extensive list of features and capabilities made available to the attacker including capturing user inputs, uploading or downloading files to the machine, access the webcam etc. 

Removal seems pretty straightforward by issuing the following commands:


  • launchctl unload ~/Library/LaunchAgents/fr.handbrake.activity_agent.plist
  • rm -rf ~/Library/RenderFiles/activity_agent.app
  • if ~/Library/VideoFrameworks/ contains proton.zip, remove the folder