Virus targets Delphi code compiler

By Shaun Nichols on Aug 22, 2009 9:34AM
Virus targets Delphi code compiler

A new virus attack is targeting the Delphi code compiler and garnering the attention of security experts.

The virus infects a component within the Delphi library folder and disguises itself as a legitimate file.

Rather than attempt to simply install other malicious files onto the host machine, however, the virus uses the compiler itself as a means of spreading. When the host machine compiles programs, the virus inserts lines of malicious code, turning the compiled code into a virus delivery system.

Researchers from Sans, McAfee, BitDefender and F-Secure have all reported and analyzed the virus. So far, the virus has displayed no malicious intents other than replicating itself and no further malware attacks or file downloads have been reported.

Still, the virus is gaining attention from experts to its unusual delivery style, which has managed to infect some high-profile applications. German computer magazine ComputerBild warned readers after discovering that one of the files on a recent issue's free CD insert was found to be infected with the virus.

The infection also appears to be spreading in more nefarious circles, according to Sans researcher Rick Wanner.

"A funny side effect is that in the few days since this virus has been detected in the wild, a number of trojans have been discovered to be affected with the virus," wrote Wanner.

"Obviously they were compiled with an infected Delphi compiler."

Security firm BitDefender said that developers can check for the infection by searching for a file in the Delphi library folder names "SysConst.bak" and then renaming the infected file as "SysConst.dcu" to prevent compiled applications from becoming infected.

Got a news tip for our journalists? Share it with us anonymously here.
Copyright ©v3.co.uk
Tags:
code compiled compiler delphi file security technology virus

Partner Content

Beyond the box: How Crayon Is Redefining Distribution for the Next Era
Beyond the box: How Crayon Is Redefining Distribution for the Next Era
Guiding customers on the uneven path to AI adoption
Guiding customers on the uneven path to AI adoption
New Microsoft CSP rules? Here’s how MSPs can stay ahead with Ingram Micro
New Microsoft CSP rules? Here’s how MSPs can stay ahead with Ingram Micro
Shared Intelligence is the Real Competitive Edge Partners Enjoy with Crayon
Shared Intelligence is the Real Competitive Edge Partners Enjoy with Crayon
MSPs with a robust data protection strategy will achieve market success
MSPs with a robust data protection strategy will achieve market success

Sponsored Whitepapers

Cut through the SASE confusion
Cut through the SASE confusion
Stay protected as cyber threats evolve
Stay protected as cyber threats evolve
Defend Your Network from the Next Generation of AI Threats
Defend Your Network from the Next Generation of AI Threats
The race to AI advantage is on. Don’t let slow consulting projects hold you back.
The race to AI advantage is on. Don’t let slow consulting projects hold you back.
The changing face of Australian distribution
The changing face of Australian distribution

Most read articles

Save-the-dates for Pipeline 2026: We're levelling up to Hamilton Island in May!

Save-the-dates for Pipeline 2026: We're levelling up to Hamilton Island in May!
The State of Channel Security

The State of Channel Security
Channel faces AI-fuelled risk as partners lag on data resilience, Dicker Data summit told

Channel faces AI-fuelled risk as partners lag on data resilience, Dicker Data summit told
Fast50 rankings revealed at gala awards in Sydney

Fast50 rankings revealed at gala awards in Sydney

Log in

Email:
Password:
  |  Forgot your password?