10 comments

[ 3.4 ms ] story [ 31.8 ms ] thread
If you just downloaded it but didn't open the file, you are not infected.
Even if you mount the DMG, there is no infection. You'd need to launch the malicious app.

Edit: its not an app but a command-line binary with ad-hoc signature.

Most likely that's correct. Unless there exists some MacOS issue where just loading the thumbnail or metadata from that file would lead to exploit. It's extremely unlikely that's the case of a 0-click unpatched exploit on a random public file, but just wanted to note this for completeness - if you're paranoid about this case for some reason, it's possible in theory.
macOS does have quicklook generators, and the system seems very eager to register things with launchServices even before the app has been opened once. Perhaps this has been tightened on recent macOS versions, but otherwise it seems theoretically possible to get code running in a "0-click" fashion, simply by mounting a DMG which contains an app with a qlgenerator and another file with matching file type.
[flagged]
ChatGPT is a terrible source of info of security related topics.
Use homebrew next time :)
protip, install software using a package manager from a reputable package repository