Feeds

Old-school virus threatens Delphi files

Induc-A virus induces a headache

Intelligent flash storage arrays

Updated Virus writers have gone old school with the creation of a virus that infects Delphi files as they are built.

When a Delphi file infected with Induc-A virus is run, it searches for Delphi programming installations on an infected machine and attempts to infect this installation. More specifically, the malware attempts to infect SysConst.pas, which it then compiles to SysConst.dcu. Once this process is completed the SysConst.dcu file is programmed to add the Induc-A virus to every new Delphi file that gets compiled on the system.

A full write-up of the malware, including a screenshot depicting strings of infected code, can be found here.

Even the vast majority of computer users that aren't Delphi developers can be affected by running programs written in Delphi that happen to have been contaminated.

Up until Tuesday afternoon the labs at Sophos have received more than 3,000 infected files, submitted by users who have found infections. "This makes us believe that the malware has been active for some time, and that a number of software houses specialising in developing applications with Delphi must have been infected," writes Graham Cluley, senior technology consultant at Sophos.

Examples of infections have included applications described as "a tool for downloading configuration files onto GSM modules" and "a compiler interface that operates between our third-party design software and our CNC woodworking machinery".

Delphi is used to quickly develop Windows applications. Some of the infected files are banking Trojans written in Delphi - so some hackers are among those hit by the virus.

More details on he spread of the malware can be found here. ®

Security for virtualized datacentres

More from The Register

next story
Knock Knock tool makes a joke of Mac AV
Yes, we know Macs 'don't get viruses', but when they do this code'll spot 'em
Feds seek potential 'second Snowden' gov doc leaker – report
Hang on, Ed wasn't here when we compiled THIS document
Why weasel words might not work for Whisper
CEO suspends editor but privacy questions remain
DEATH by PowerPoint: Microsoft warns of 0-day attack hidden in slides
Might put out patch in update, might chuck it out sooner
BlackEnergy crimeware coursing through US control systems
US CERT says three flavours of control kit are under attack
prev story

Whitepapers

Why and how to choose the right cloud vendor
The benefits of cloud-based storage in your processes. Eliminate onsite, disk-based backup and archiving in favor of cloud-based data protection.
Getting started with customer-focused identity management
Learn why identity is a fundamental requirement to digital growth, and how without it there is no way to identify and engage customers in a meaningful way.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Saudi Petroleum chooses Tegile storage solution
A storage solution that addresses company growth and performance for business-critical applications of caseware archive and search along with other key operational systems.
Internet Security Threat Report 2014
An overview and analysis of the year in global threat activity: identify, analyze, and provide commentary on emerging trends in the dynamic threat landscape.