The "unusual" Silver Sparrow strain silently affected systems in more than 150 countries around the world.
It was discovered by researchers at security company Red Sparrow, who have yet to determine its purpose.
Apple says it has taken steps to restrict the potential damage the malware, which targets devices with its new M1 chip, could cause.
Its actions effectively prevent any new devices from being infected.
BBC News has asked Apple to clarify how existing users can tell if they are affected.
Researchers said Silver Sparrow "did not exhibit the behaviours that we’ve come to expect from the usual adware that so often targets macOS systems".
It appears to call a command-and-control server every hour, from an infected machine, to check for "further instructions".
It also has a system in place to self-destruct and hide its existence entirely.
"Though we haven’t observed Silver Sparrow delivering additional malicious payloads yet, its global reach, relatively high infection rate, and operational maturity suggest Silver Sparrow is a reasonably serious threat, uniquely positioned to deliver a potentially impactful payload at a moment’s notice,” the researchers said.
Lisa Forte, from Red Goat Cyber Security, told BBC News the attack should be a wake-up call to Mac users who assumed they were not at the same risk as Windows users of being infected by malware.
"The malware doesn’t appear to have done anything nasty," she said.
"But the fact it spread so fast and infected so many devices is alarming in itself.
"No device is immune from viruses."
Computer security expert Alan Woodward said the attack appeared to be an effort to disprove this long-standing myth.
"It is as if someone was trying a proof of concept of how to move harmful code on to Macs and to control it once there," he said.
"But they didn’t include the truly damaging elements."