W32.Induc Worm - Sourcecode


ATLEAST BASIC KNOWLEDGE OF OBJECT PASCAL IS REQUIRED. THIS SOURCECODE IS FOR THOSE WHO ARE CURIOUS ABOUT HOW W32.INDUC WORM ACTUALLY WORKS.
This is a Delphi Virus which infects the Executables at compile time.
W32/Induc-C is a virus infecting executable files and core source units of the Delphi compiler.
W32/Induc-C includes functionality to spread via removable drives.
Please note that the infection of Delphi installations means that infected software developers will be producing software infected at compile time. Therefore, as with Mal/Induc-A and W32/Induc-A, there may be detections of W32/Induc-C and Mal/Induc-D on software published by legitimate software houses. These are not false positives. Customers with infected software should contact the software vendor to inform them of the infection and ask the vendor to clean up their Delphi installation and compile new, clean versions of the software.
Source: Sophos
W32.Induc is a worm making rounds these days, the worm is known to attack the software development phase by putting its malicious code in to the Delphi library files thus adding itself to the compilation process. Thereafter, any file compiled with the infected Delphi compiler will also be infected.
Source: McAfee
And here is the Page with the Source-code.

Found this post useful ? If so, please Click +1 and RECOMMEND THIS SITE on Google

No comments:

Post a Comment