MacOS Newly discovered malware allows attackers access to victim communications

A zip archive named Dokument.zip was signed by Apple 21-Apr-2017, since revoked.
Now the warning:

If the user opens the application anyway

according to blog post from Checkpoint. If the fake OS X update is installed the user is infected with TOR and SOCAT. From that point on the attacker can control the victim's communications.
 If you have been so infected take action via posts from Malwarebytes or Checkpoint