Earlier this year, a dangerous malware named Fruitfly that targeted Mac computers was identified. Now months later, a security researcher has revealed additional details about the hack.
In January, security company Malwarebytes reported that a new Mac-focused malware remotely provides its creator with access to computer’s files, screens, and even the built-in webcam of targeted computers. Fruitfly gives hackers full access and control over the machines, leaving the unsuspecting victims powerless to stop it.
In January, Apple (AAPL) responded to the threat by patching the hole that allowed Fruitfly to attack users. However, Fruitfly variants have cropped up that could still target unprotected Macs.
Tech news site ZDNet recently spoke to a former NSA hacker and current chief security officer at security company Synack to learn more about the threat. Over the last several months, Wardle has analyzed Fruitfly, and, for the first time, shared his findings with ZDNet.
Get Data Sheet, Fortune’s technology newsletter
He said that Fruitfly isn’t “the most sophisticated Mac malware,” but that it can effectively target users’ machines. He noted that the malware tells hackers that targeted users are active on their machines, a warning that those hackers should wait or risk detection.
In examining the malware, Wardle said that he found a number of users whose computers were infected. He also learned their IP addresses and names.
According to ZDNet, Wardle said that he believes the malware was created by a single hacker who wants to “spy on people for perverse reasons.” He couldn’t estimate how many people were affected, but he noted that it took five years for the malware to be discovered. Worst of all, he told ZDNet, anyone could be affected.
“You have to realize that this kind of re-exposes the fact that you can be an ordinary person and still be victim of a really insidious attack,” he said. “This is just another illustration that Macs are just as vulnerable as any other computer.”
Apple did not immediately respond to a Fortune request for comment on the ZDNet report.