As for the evidence? The modules in the Mac variant of Xagent show a "number of similarities" to the components for Linux and Windows, Bitdefenders says. The malware's command-and-control addresses are also eerily similar to the ones APT28 uses for another malware tool, Komplex.

There's still a lot left to be uncovered. The security team only has the malware itself, not a full picture of how an attack works -- Komplex, which infects Macs through a hole in the notorious MacKeeper antivirus kit, is one possible vector. It's also unclear what other modules are available. Either way, this isn't exactly comforting for Mac users who may find themselves in Russia's crosshairs. It's possible to protect against Xagent (Bitdefender says its AV software will work, and others likely will too), thankfully. The concern is that Russia might have already used the malware, or that it may target people who are unaware of the threat.