A flaw has been discovered by a security researcher in Mac. This flaw allows the hacker to install a malware that can still exist even if all the data on the hard drive has been removed. The flaw modifies Apple’s UEFI (unified extensible firmware interface).
This vulnerability doesn't require a physical address to access the computer. The flaw takes advantage of a shor period of time while your Mac is waking up from sleep. During this time the UEFI is unlocked which allows the malicious data to be written.
Pedri Vilaca, the discoverer of the vulnerability has said that the hacker can only install the malware if you are connected to the Internet. Adding an extra layer of encryption via a VPN can help you. This vulnerability only affects the pre 2014 Macs therefore you don't have to worry about the flaw if you have a mac released after the mid-2014.