Assuming you’ve downloaded the Little Snitch Disk Image (.dmg file) to your Downloads folder, open a new Terminal window and enter the following command to verify the cryptographic signature of the downloaded file:
codesign --verify -R="anchor apple generic and certificate leaf[subject.OU] = MLZF7K7B5R" ~/Downloads/LittleSnitch*.dmg
If the result of this command is empty (no error message is shown), the file is intact and properly signed by Objective Development.
However, if an error message is shown (like “not signed at all” or “failed to satisfy specified code requirement(s)”), this indicates that the file was maliciously modified and is no longer signed by Objective Development. In that case you should NOT open the disk image file.