Sophos is reminding businesses of the importance of protecting corporate networks from malware infection following the discovery of an unusual virus – the spread of which is likely to be caused by software houses or in-house development teams who specialize in developing applications written in the “Delphi’ software language.
The virus – identified by Sophos as W32/Induc-A – injects itself into the source code of any Delphi program it finds on an infected computer, and then compiles itself into a finished executable. Delphi is a variant of the Pascal language originally developed by Borland, and is now used to quickly develop Windows programs such as database applications. The virus is not just a threat to software developers that use Delphi – many computer users will be running programs which are written in Delphi, and they could be affected.
In the past 24 hours SophosLabs has received more than 3000 unique infected samples of programs infected by W32/Induc-A, which suggests that the malware has been active for some time, and that a number of software houses specializing in developing applications with Delphi must have been infected.
Ironically, Sophos has also seen a number of banking Trojan horses – which are often written in Delphi – infected by Induc-A, indicating that malware authors themselves could also have been affected.