Thursday, 27 August 2009

Malware disguised as Snow Leopard

According to this report, malware writers are phishing users into downloading malware disguised as a free copy of the newest version of Mac OS, Snow Leopard.
The malware may change your DNS configuration and download additional malicious scripts. Users are redirected to phishing and FakeAV (bogus antivirus application) sites.
Mac users, please download your latest updates only from the legitimate Apple site.

Sunday, 23 August 2009

Induc Virus


Induc is a file infector virus. It doesn't infect EXE files; instead it checks whether Delphi (versions 4.0 - 7.0) is installed on the machine.
If a Delphi installation is found, it copies SysConst.pas (the source file; .pas = Pascal) to the \Lib folder and overwrites its code. It renames the original %DelphiRootDir%\lib\sysconst.dcu (.dcu = Delphi compiled unit, i.e. Delphi compiled code) to SysConst.bak. It then compiles the modified sysconst.pas to produce an infected copy of sysconst.dcu and deletes the modified sysconst.pas, thereby infecting every Delphi program subsequently compiled on this computer. [1],[2]
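A check for the file-system traces described above, as an added example that is not part of the original post or the cited reports. It assumes a stock Delphi Lib folder contains neither SysConst.bak nor SysConst.pas; the function names and the sample folders are constructed for illustration.

```python
import hashlib
import os
import tempfile

def find_file(lib_dir, name):
    """Case-insensitive lookup, so the check also works on a mounted disk image."""
    for entry in os.listdir(lib_dir):
        if entry.lower() == name.lower():
            return os.path.join(lib_dir, entry)
    return None

def sha256_file(path):
    with open(path, "rb") as fh:
        return hashlib.sha256(fh.read()).hexdigest()

def check_delphi_lib(lib_dir):
    """Return findings for one Delphi Lib folder (empty list = no indicators)."""
    findings = []
    dcu = find_file(lib_dir, "sysconst.dcu")
    bak = find_file(lib_dir, "SysConst.bak")
    pas = find_file(lib_dir, "SysConst.pas")
    # Assumption: a stock Lib folder has no SysConst.bak and no SysConst.pas.
    if bak:
        findings.append("SysConst.bak present: original unit was renamed")
        if dcu is None:
            findings.append("sysconst.dcu missing while SysConst.bak exists")
        elif sha256_file(dcu) != sha256_file(bak):
            findings.append("sysconst.dcu differs from SysConst.bak: unit was recompiled")
    if pas:
        findings.append("SysConst.pas present in Lib: source copy was not cleaned up")
    return findings

def make_lib(files):
    """Build a constructed sample Lib folder; file contents are placeholder bytes."""
    lib_dir = tempfile.mkdtemp(prefix="delphi_lib_")
    for name, data in files.items():
        with open(os.path.join(lib_dir, name), "wb") as fh:
            fh.write(data)
    return lib_dir

def demo():
    clean = make_lib({"sysconst.dcu": b"ORIGINAL-UNIT", "classes.dcu": b"X"})
    tampered = make_lib({"sysconst.dcu": b"RECOMPILED-UNIT",
                         "SysConst.bak": b"ORIGINAL-UNIT"})
    return check_delphi_lib(clean), check_delphi_lib(tampered)

if __name__ == "__main__":
    for result in demo():
        print(result or "no indicators")
```

On a build machine, call `check_delphi_lib` on each installed Delphi version's Lib folder; a finding means the compiler's units should be restored from trusted media before anything else is built.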