-------------------------------------------------------------------------------------------------- Start of XXXXXX buffer: Sat Aug 19 02:27:36 2000 _______________________ doxtorl .Win32 VX Coder _______________________ -= doxtorL =- a MATRiX INTERVIEW by Del_Armg0 19082000 -------- Del_Armg0: $ Dox / DXL : who are u ? doxtorL: hehe i m a 35 yrs old guy... you was expecting i'm a beautiful blonde girl... sorry dude :) D: $ Interests ? hobbies ? occupations ? job ? d: hobbies : mathematics, i would like to learn what is the Galoisian cohomology of groups :) ...computers, reading. D: $ Reading what ? d: scifi is cool...Roger Zelazny (princes of Amber stories ) A.E Van Vogt (World of Null-A), P.K Dick...damn they are all die :( D: $ When did you first try a computer ? d: I was 16... in 1981... a long time ago D: $ Puter model ? d: At this time , few people was owning their own puter. It was at school a sun station, i was typing idiot programs in basic. D: $ Sun ? was not so common ? d: Personal puter was not common... but puter was existing since a long time ago :) My first program was, i can remember, computation of the roots of a polynomial function My very own puter was....a ZX81, it was in 1983, i have begun to learn z80 assembly. At university i have played with compatible IBM PC but... my first pc... i have bought it ...in 1996 ! D: $ Any interests in others parts of computer underground (h/p/..) ? U: No i have no other interest in other area of computer underground. D: $ Do your relations know about your interest in the vx ? d: Some knows, its not a secret ;), but... people don't care about computer viruses so i don't piss them off with that. D: $ How and when did you first discover the virus scene ? d: In same time i have discovered internet in mid-1996 ... i think at that time i was infected by "jumper", a boot sector virus. I was using windows3.1. Virus computers have begun to fascinate me i have spent long time online to search for some virus samples at this time, the bigger vx server was ilf.net. I have spent long hours to download stuff there but.. my real discovery of virus scene was when i have installed mirc on my puter, it was in mid-1997. I have joined #virus channel both on effnet and undernet. In my early internet days...i was just a collector D: $ Have you been a member of any group ? d: i have accepted to join Technological Illusion group, founded by TechnoPhunk (where are you ?) in 1998-99 but... the group is virtually dead ...cause i'm the only remaining member ;) D: $ Why and when did you start learning to program ? d: I have started to program (seriously) when i was at university, i have learned asm by myself. I can code turbo pascal, some basic and i have planned to learn C/C++ one day. I like to code in asm. D: $ and about viruses written in languages other than assembly ? d: I don't know very well macro stuff but... people can code that sort of virus very quickly. So i suppose most of that viruses are hack or lame viruses but... some are cool. D: $ What is your best/favourite virus you have written ? d: hard to say... my answer is... those i have not yet written :) i imagine my skill in asm is increasing.. so my viruses will become more efficient and complex. I hope! D: $ What groups and which individual programmers do you value most highly ? d: A group is nothing itself, only members inside are important. coders i respect the most: Vecna, Star0, Griyo..., Mandragore for his tcip stuff, and some others i can't remember for now. D: $ What do you think of the virus scene? (in general and in your own country) ? d: macro coderz and viruses traders have done a take over on the virus scene. I suppose there are few virus coders out there not coding in macro langage provided by the stupid microsoft enterprise. On the other hand people don't understand Msdos OS is dead. Who is still running Msdos executables? People don't have the time to learn win32asm, the only true langage to design viruses. So the future belongs to macro viruses... i m affraid of. Not only the future, to be realist we can't forget 2/3 of viruses in the wild are macro viruses. But we can notice since 3 yrs, the knowledge to write win32asm, virus is well spreaded we have to thank guys like lord julus for his work (writing tutorial to teach asm32 virus technics) So... if we want to see more win32asm viruses out there we need to write good tutorials to make easier the way to write win32asm viruses; learn from scratch by yourself is time consumming! D: $ Do you believe in the 'perfect virus' ? d: nope, viruses always have bugs or things they can't do to be highly compatible. You have to not infect some files for example: antiviruses programs or packed PE executables D: $ and about destructive functions in vx ? d: Ok, if a virus want to survive it have to be not notice so if the virus erases files or destructs boot sector, flash bios .... firstly it can't use the puter , it just destroyed, to spread itself and secondly destroy something is the better way to be noticed...and so be caught and killed. Moreover, i don't have pleasure to destroy people datas and destroy is so easy What's the interrest? The only funny way to destroy a puter, according me, is the use of an axe ...yet more noticable but more efficient hehe. To say the truth a virus is often destructive even if the virus wasn't designed to be destructive. Have you ever tested a PE-infector on packed executables? Most of the time, the PE target is overwritten D: $ How has the underground scene changed since you first entered ? d: Msdos is dead so people don't want to learn asm to build dos executable infectors anymore. At first sight it's useless (but itsn't) and Microsoft has put macro langage everywhere and made the stuff for viruses coders more easier. Nowdays most people learn macro langages (easy to begin) and code macro virus simple and efficient to reach in the wild list. Happily, there are lot of PE viruses also. But i suppose there are surely lesser than 700 viruses written in win32asm. Nowdays most of web pages dedicated to computers viruses contain not viral samples at all!. The underground scene is invaded by viruses traders (the scene is became a sort of stock exchange) There are shitload of log files in the entire www! D: $ What operating system(s) are you actually using ? d: i use only Win95 and Msdos. I like Norton Commander and NC runs under Msdos (i dislike windows explorer) NC is a good environment to write viruses even Win32 viruses. D: $ What do you think of other part of Vx, like Worm or trojans ? d: I like worms, happy99 is one of my favorite. Troyans often are destructive and most of the time easy to write so i hate them; but write a back door in win32asm is not an easy task. D: $ Have u ever been killed by a Virus, Worm or trojan ? d: i was mainly hit by my own viruses and few others. But happily no real threat. It took lot of time to desinfect my puter last time i was hit 'cause i didn't notice conagent.exe is a Msdos program so every time i was launching a Windows program from a dos box i was hit again ! Tsr dos viruses fastly escape from your control Direct action viruses are more easy to control. One day, a guy sent me a file to test, i trusted him the file was containing a subseven version, it took me a lot of time to discover i was infected. D: $ Are u afraid by busting ? How is the law in ur land ? d: i'm not affraid by busting i don't spread anything so why cops would like busting me? As far i know , here no one was busting for viruses spreading. But viruses spreading is illegal. Anyway, no one can't be sure to not be busting when you're a virus coder. D: $ Do you consider yourself like a criminal ? d: No i don't. I consider myself to be an artist ! Virus writing is the 8th art :) D: $ How are you giving names to your virii ? d: I try to name my viruses using uncommon names to be sure no other viruses have the same name. D: $ Which zines do you read regulary ? d: All the zines i can get out there, old and recent Cicatrix Vdat is a good stuff , and lot of zines are good too. Unfortunately, i can't read russian and several e-zines are written in russian :( . I know some people don't like using english but unfortunately, it's the only mean to be read in the entire world. D: $ What do you think the future of virus writing holds ? d: At the beginning of virus computers, if you knew how to infect a com executable you was considered to be an elite coder. Nowdays, write viruses to infect Windows executable is not so easy. i suppose in the future things will be even harder to write viruses; the minimum knowledge to write viruses will be hard to master. I think macro viruses will disappear... i don't mean macro langages will disappear too ,but according me, Microsoft can easily stop macro viruses to be a threat. But is Microsoft want really to stop the spreading of macro viruses? D: $ What advice could you give to newbies entering the virus scene ? d: Remember, even elite virus coders were lamers at beginning! Do not read "Little black book of viruses" chapter on exe infection. (Chapters on com infection are good) Read instead, vdat .It contains several old and more recent tutorials on virus stuff. Anyway, you have to know before writing anything, virus writing is time consumming! D: $ About language that a newbie should learn to start writing viruses ? d: If you want to be famous and be busted, learn macro langage stuff and spread your creations :) Knowledge is free but that don't mean knowledge is easy to learn and master. There is always a price to pay. More the stuff is hard to do/understand more the pleasure is greater when you do/understand it! So if you want to have lot of fun try to learn the more difficult things. Win32asm is a good langage for viruses writing and seems to be became a standard in Microsoft OS (win 95,win 98 , win nt, win 2k) So before the next release of Microsoft OS in 2002, learn win32asm stuff isn't useless , two years is an eternity in computer world ! The stuff to compile win32asm listing is widely avalaible on www Even if you don't want to use warez you have several alternatives. Microsoft gives you the opportunity to use its assembler: masm If you don't like Microsoft uses nasm a free assembler! But for beginners the best is Tasm5, unhappily it isn't free. D: $ Anything you would like to add ? d: Officer i' m not responsible neither for the concorde aircraft accident neither for the russian submarine tragedy, i was in va cation when the accidents occured. (august 2000) D: $ Greets ? d: greets to all coders they are trying to increase their coding skill and people spreading the knowledge D: $ Any plugs ? (Homepage, email & more...) d: I have planned since a long time to get a homepage, but nothing until now I don't want to give an e-mail address cause' it costs a lot of money to retrieve messages from my mailbox and i don't want to see shitload of silly messages like that: "please send me the virus"; i waste enough time to clean up my mailbox no need to make the task more harder! EOF 190800 - Del_ --------------------------------------------------------------------------------------------------