Anti-virus specialist Sophos has identified a virus being
distributed in software written using the
Delphi
programming language from Borland.
Delphi, now know as CodeGear Delphi, is a variant of the Pascal
language originally developed by Borland, and is now used to
quickly develop Windows programs such as database applications.
The W32/Induc-A injects itself into the source code of any
Delphi program it finds on an infected computer, and then compiles
itself into a finished executable, Sophos warned. The virus
threatens software developers that use Delphi, but Sophos also
warned many computer users running programs written in Delphi could
be affected.
In the past 24 hours SophosLabs has received more than 3,000
unique infected samples of programs infected by
W32/Induc-A. This suggests the malware has been active for some
time, and a number of software houses specialising in developing
applications with Delphi could have been infected.
Ironically, Sophos has also seen a number of banking Trojan
horses - which are often written in Delphi - infected by Induc-A,
indicating that the malware authors could also have been
affected.
"Although most people aren't Delphi developers, there may be
many computer users running programs written in Delphi that have
been contaminated," said Graham Cluley, senior technology
consultant at Sophos. "It's possible that affected applications are
available for download from the net on legitimate shareware sites
or on magazine CD ROMs."
Businesses that may be using software written in Delphi are
advised to ensure that their anti-virus software is updated. If a
W32/Induc-A infection is found in a program, its developers should
be contacted immediately, as it is possible the infection could be
passed on to other customers.