There have been a string of 'security researchers' being featured here on
- You need to download it
- You need to run it (with various warnings being thrown up)
- You need to install Java for it to run (which does not come standard on a Mac, requires a significant download and few actually need it for anything anymore)
This seems to be just a variation of the Tibet, Flashback and Adwind (dating from 2012), which all drop a small Java program as a payload which does screenshots, webcamming, remote control and/or ad proxy and dials back to a C&C server. I discovered a variant a few weeks ago that would generate random dictionary names for its plists but it functions just the same as these.