Possibly opened a malicious .dmg file on the Mac, not sure wether it installed itself

dmginstallmalwareSecurityvirus

I was opening a document on my computer and double tapped the file below it; A (more than probable, malicious) Skype.dmg file, likely downloaded from a popup. Normally, when I see them I send them straight to trash.

However I made the mistake of double clicking the downloaded skype.dmg file and am unsure as to whether this means it has done any damage.

(Im using Avast security as an example of what I saw on my screen when I pressed on the Skype.dmg file)

When I double clicked the skype.dmg file, an installer window opened up, however I did not click install, instead I closed the window and removed the program to trash.

enter image description here

However, I then noticed in my Finder window that the file was still there in the devices tab:

enter image description here

I then ejected the program, and deleted the icon on my home screen:

enter image description here
enter image description here

This question, although similar, differs to another question on this forum
(Are auto-downloaded malicious .dmg app files a security risk if they are never opened?)
by the fact that I have double clicked the file; Opening what may be an interim facade (picture 1) between installation and execution, although I'm not really sure.

Even though I clicked it, have I installed the Skype file?

Best Answer

Ordinarily you should still be safe after just mounting the DMG - as long as you haven't actual run anything from within the DMG by double-clicking an icon or similar.

So normally no, you wouldn't have installed the Skype file just by mounting the DMG.

By looking at your screenshots you seem to be running a modern version of macOS. Are you instead running Mountain Lion or older then you could have been automatically infected, as these versions did indeed have a problem with DMGs being able to auto-start programs.

BitDefender, like any other product, can only alert about so many types of malware. It is not a guarantee that it will alert against this specific type of malware/virus, if it is indeed malicious.

The reason I write "ordinarily" and "normally" above is that there's a very slight risk that the file has exploited a problem with the metadata parsing that macOS does of the DMG. I.e. macOS uses information from within the DMG to display images, potentially display license information, etc. It is possible for malware to exploit a security hole within the image decoding library for example to infect your computer just by double-clicking the DMG. However, this seems to be quite unlikely given the information you have presented.

If you want to be really sure what happened, I would suggest comparing the most recent backup from before you downloaded the DMG with the backup taken just after. If no system files have been altered during that time frame, you should be good.