Sponsored By

Are Software Houses Infecting Their Customers?Are Software Houses Infecting Their Customers?

New virus infects source code written in popular Delphi language, Sophos says

Dark Reading Staff

August 19, 2009

2 Min Read

A new virus may cause software to be infected even before it is distributed by software houses or in-house development teams, according to researchers at security vendor Sophos.

The virus " identified by Sophos as W32/Induc-A " injects itself into the source code of any Delphi program it finds on an infected computer, and then compiles itself into a finished executable. Delphi is a variant of the Pascal language originally developed by Borland, and is now used to quickly develop Windows programs such as database applications.

The virus is not just a threat to software developers that use Delphi, but to any computer running programs written in Delphi, Sophos says.

Researchers at SophosLabs have received more than 3000 unique infected samples of programs infected by W32/Induc-A, which suggests that the malware has been active for some time, and that a number of software houses specializing in Delphi apps must have been infected.

Ironically, Sophos has also seen a number of banking Trojan horses -- which are often written in Delphi -- infected by Induc-A, indicating that malware authors themselves could also have been affected.

"Although most people aren't Delphi developers, there may be many computer users running programs written in Delphi that have been contaminated," says Graham Cluley, senior technology consultant at Sophos. "It's possible that affected applications are available for download from the net on legitimate shareware sites or on magazine CD ROMs."

Sophos advises businesses that use Delphi apps to update their antivirus software. If a W32/Induc-A infection is found in a program, its developers should be contacted immediately -- it's possible that the infection could be passed on to other customers, Sophos says. Have a comment on this story? Please click "Discuss" below. If you'd like to contact Dark Reading's editors directly, send us a message.

Read more about:

2009

About the Author(s)

Dark Reading Staff

Dark Reading

Dark Reading is a leading cybersecurity media site.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights