OSX/Proton is a persistent Backdoor and Remote Access Trojan (RAT) that exfiltrates user data including passwords and browsing information [1]. A new variant was discovered in a compromised Handbrake installer in 2017 [2].

References:

1. https://www.cybersixgill.com/proton-a-new-mac-os-rat/
2. https://objective-see.com/blog/blog_0x1F.html