dinsdag 25 augustus 2009

Trojan software targeting Delphi


After reading the following post at F-Secure, some creepy feeling came over me. And I believe this is something most people (developers, like me, in particular) do not realize or have even considered before.

A short summary of the F-Secure post. A developer is creating a piece of software using a Delphi compiler. He delivers the software and says it’s free of Trojans etc., because he compiled it himself.
The thing he was not aware is that some of the standard libraries on his machine where replaced by a Trojan he got from somewhere. As a result all software compiled on that machine included the corrupted library and, alas, a Trojan.

The full F-Secure blog post: 0wn1ng Delphi - F-Secure Weblog : News from the Lab

The construct is not new. This article from 1984 described the same method of distributing Trojans: Reflections on Trusting Trust. But the implications of it are somewhat shocking.
This means I, as a developer, could unknowingly be distributing Trojans. This could even ruin your business if you are not careful.

Bottom line of the story is: Always be careful with your development machine, because a Trojan can be distributed on a lot of different ways.