Neperos
SIGN IN
Copy Link
Add to Bookmark
Report

God@rky's Virus Heaven Newsletter #1

eZine's profile picture
eZine lover (@eZine)
Published in 
Godarkys Virus Heaven Newslett
 · 26 Apr 2019

God@rky's Virus Heaven Newsletter #1

Written by God@rky


(C)Circle-A Computers 1996 All Rights Reserved...

CONTENTS

  • Section One - The First Edition
  • Section Two - Virus Heaven's Mission
  • Section Three - Disappearance Of Vx Magazines & Authors
  • Section Four - Virus Heaven Vx Site Guide
  • Section Five - Uncanny Virus Ideas
  • Section Six - Naming Viruses - How it is done
  • Section Seven - Government Sites & Viruses & The Laws
  • Section Eight - South Africa Wants Correspondance With The World's Authors & Collectors

Section One - First Edition

This is the inaugural issue of the Virus Heaven Newsletter. In the future (Starting W/ Issue #2) this will be available on this WWW Site as well as VIA FTP at ftp.defiant.ilf.net and will be sent out VIA email to those who email me back and request to be put on the mailing list. To subscribe - do the following:

Send e-mail to godarky@ilf.net. In the title of that letter put:
SUBSCRIBE: Virus Heaven Newsletter

*NOTE*
This will only be sent out to the e-mail addresses which I receive the above emails from. So make sure your REAL e-mail address is what shows up in the letter, or you wont get it, as I don't have time to fuck around hunting down people's real e-mail addresses.

Section Two - The Virus Heaven Newsletter Mission

This newsletter has little purpose other than to keep you all aware of what is going on, and to give you someplace else to turn as the presense of Vx magazines continues to dwindle.

It is no mystery that Mainstream magazines and sites have been dropping like flies. From what one can tell, the only reason for the disappearances are lack of interest in continuing on. I may get that way one day soon too, but for now I am going strong, and will continue to keep others up-to-date as long as I feel I am not talking to myself. I have yet to hear of any confirmed cases that anyone has been busted recently.

As many of you know, my site was one of a few key distribution points for Virus Bits & Bytes Magazine. It has been about 2 months since I have been able to contact Dark Night, so I don't know if another issue will be coming out anytime soon. His site is still available via FTP (see the list in section 4) and via WWW. The VBB message board is broken. I have spoken with Chaos of ILF and he advised he might take a whack at fixing it whenever. He has not heard from Dark Night either.

The mission of this Newsletter is similar to that of Virus Bits & Bytes magazine, but won't include executables. It has been said by many of the AV folks that distribution of viruses is unethical. If you wanna test out just how strongly they believe this, try posting a uuencoded virus to alt.comp.virus, and see how quickly your ISP (Internet Service Provider) is made aware of your activities. If your ISP is nice, they will either warn you, or they will ignore the complaints. If they share the same view, you could be hunting for a new ISP soon. So in all reality, I don't recommend doing this unless you know your ISP's rules well, and you know they wont mind. There is a newsgroup where you can get away with posting viruses, and that would be alt.comp.virus.source.code... Just last week the much wanted HARE virus aka HDeuthanasia was posted there, as well as some others. The traffic of Virus postings there is pretty low, in fact, out of 100 messages, 70-80 of those will probably multi-level marketing scams or other various forms of spams.

So really, this is just another medium for you to receive info on what is going on in the Vx world, and maybe learn something if I decide to type something worth reading. Enjoy the issue, and I welcome your feedback. You can contact me at godarky@ilf.net.

Section Three - The Disappearance Of Virus Related E-magazines

As many of you old-timers may have noticed, Virus Related magazines just don't seem to last like they used to. A couple of the older, possibly legendary ones have disappeared, and even some of the newer ones have lived a very short life. Luckily enough they have a shelf life which exceeds that of any of Hostess' products and are still readily available for your reading pleasure if you don't mind hunting around. If you do mind hunting around, just check out the Vx Site list at the bottom, and you are sure to find what you are looking for there, if not, let me know where you find it and what it is, so I can check the site out.

Yes, months ago the 40hex as well as the VLAD Homepages disappeared. It was kind of a sad thing to see go, but we all know that new talent will squirm it's way out of the woodwork eventually, and we will have something else to read about, new tricks to learn and so on.

And also within' the last month or so, the newer mag Virus Bits & Bytes magazine seemed to have screeched to a halt as well. With Dark Night nowhere to be seen or heard from, and a WWW message board that is in ruins, what remains is an in-tact VBB Headquarters/Homepage on the Information Liberation Front server. The VBB site seems to be working basically on Autopilot, and no new issue looks to be in the works at this time, however there is whispering going on that some of the other defunct members have been busy working on a Macro Virus construction kit.

Other individual sites have also disappeared as well. Rhy's has dropped out of the Alliance as President (or Chairman or whatever...) in addition to dropping his site at ILF. It is sad to see it go, as it was around for quite some time. I think his leaving is comparable to Materva shutting down his hacking site. And of course we cannot forget the ChibaCity site as well. Although I did hear rumors that it is coming back in a different location.

I am sorry to see all of these go, but with their absence, there will be some new kids to move into our block and hold loud parties, throw beer cans in your lawn, harrass your wife, beat up your son, and probably even date your daughter... But foremostly, there will be some new zines to arise, and of course, there will be new viruses as well. It is estimated that there is still upwards of 200-300 new quality viruses a month being made, so there are still some people writing em out there.

Section Four - The Vx FTP/WWW Site Guide

The concept of this section was created by PhreeX (phreex@ao.net). He compiled most of this information, and has authorized it's use here. It is A basic run-down of some of the better, more complete sites, and covers some other various tid-bits of information as well.

It isn't complete by any means, but at this time, life's necessities don't permit me the time to fully update it, so what you see here, is PhreeX's original file minus a few corrections or mini-updates. There wasn't time to visit every Vx site on the map, and Fly-By-Night sites will not appear in this section at this time, since they would probably not be there by the time you got this. Enjoy it

The *offical* 

  .o88b.  .d88b.  .88b  d88. d8888b. db    db d888888b d88888b d8888b. 
 d8P  Y8 .8P  Y8. 88'YbdP`88 88  `8D 88    88 `~~88~~' 88'     88  `8D 
 8P      88    88 88  88  88 88oodD' 88    88    88    88ooooo 88oobY' 
 8b      88    88 88  88  88 88~~~   88    88    88    88~~~~~ 88`8b 
 Y8b  d8 `8b  d8' 88  88  88 88      88b  d88    88    88.     88 `88. 
  `Y88P'  `Y88P'  YP  YP  YP 88      ~Y8888P'    YP    Y88888P 88   YD 

 
               db    db d888888b d8888b. db    db .d8888. 
               88    88   `88'   88  `8D 88    88 88'  YP 
               Y8    8P    88    88oobY' 88    88 `8bo. 
               `8b  d8'    88    88`8b   88    88   `Y8b. 
                `8bd8'    .88.   88 `88. 88b  d88 db   8D 
                  YP    Y888888P 88   YD ~Y8888P' `8888Y' 

 
       --==[\|/]==-- World Wide Web Site/FTP Site list --==[\|/]==-- 
                          [] Version 1.03 Beta 1 [] 

           Compiled by Dr. PhreeX Merian  Edited by God@rky 
        Brought to you by FoRcE, "Taking on the web with full FoRcE" 
  HUGE thanks to God@rky, this would have not been possiable without you!! 

                                -INDEX- 
                               Disclaimer 
                       A word on safe virus storage

LINKS

  • Part 1: Virus Genrators/engines
  • Part 2: Some popular viruses
  • Part 3: Mac viruses
  • Part 4: Needed tools (Assemblers)
  • Part 5: Virus related FAQ's/Tutorials
  • Part 6: Virus INFORMATION Links
  • Part 7: Computer Virus links
  • Part 8: Conclusion (By Dr. PhreeX Merin himself!!)
  • Part 9: Version Information, whats to come

Any comments, questions, or additions can be sent to me: phreex@ao.net or you can call me directly 24 hours a day at: 1-809-404-5468

Disclaimer:
I (Dr. PhreeX Merian) Can -NOT- nor will I be held responsible for your stupidity, viruses can destroy your/others computers (that is, the data within them,) if you execute a virus you just might get fucked. Collect 'em, study 'em, trade 'em but for god sake do **NOT** execute them.

Note: As of 10/13/96 at 19:38:03 PM EST every one of these links was valid, however they may die, if so please take it up with the site owner, not me!

A word on safe virus storage:
As your collection of viruses (virii) grows so does the risk of self-infection, believe it or not you -CAN- safely store viruses on your hard drive, I have over 3,000 and have NEVER been infected! Here are just a few things you can do to protect yourself.

  1. ALWAYS keep viruses zipped up, I can not stress this enough, keep each virus in its own .zip with a text describing it (if possible) you can get a free copy of Pkzip from; http://www.pkware.com remember, if its zipped up it can **NOT** be executed!!!
  2. Its a good idea to re-name the file extension to something other than .com or .exe, I use .co_ or .ex_, this way you can NOT accidentily execute the virus.
  3. Put all your viruses in 1 (one) directory, I use c:\VIRUS, you can use whatever the hell you want.
  4. Get a -GOOD- AV scanner! Because everyone thinks theres is the best you can get reviews and sites at; http://www.virusbtn.com I think FProt is the best, you can download a shareware copy (gag) but thats no fun, I suggest you check the alt.binaries.warez.* groups for a -REAL- copy (its always posted somewhere).
  5. Once you get a AV scanner USE IT!!!, remember, you put all your viruses in one directory, most all virus scanners allow you to exclude drives/directories/files when you scan, set your scanner to exclude whatever directory your viruses are in. If you start to get reports of viruses outside of that directory you might have a problem.
  6. If you really paranoid you can keep all your viruses on floppy disk, actually, this is a good idea, due to the small size of viruses you can store TONS of 'em on only a few disk's. ZIP drives are also nice to have, so are CDR's. If you put your viruses on disk LABEL the disk so others don't infect you.
  7. USE COMMON SENSE! This is really the best protection, don't be an idiot, don't run anything that you don't know what it does, yadda yadda yadda...

On with the show......
Here is how this file is aranged;

File/Site name
http://www.this.is.the.site
Review of the site/file will go here...

Lets get started!!

Please note the following;
I would like to keep this file somewhat small, for that reason I will not go into just what each virus/program does, if you wish to know just what one of these does the go here: http://www.Europe.DataFellows.com/vir-info/ I also have omitted links directly to virus sims (emulators), theses are used for testing AV scanners and are of little use to the VX community.

(God@rky: Actually according to many of the AV folks, virus sims are useless. And that only a good test can be performed by an AV expert. As well as the factoid that the only test they consider a good install test, is the EICAR test.)

Part 1 [ Virus Generators ]

Part 2 [ Some Popular Viruses ]

--MACRO VIRUSES--

Part 3 [ MAC Viruses ]

Part 4 [ Needed Tools ]

Part 5 [ Virus related FAQ's/Tutorials ]

Part 6 [ Virus INFORMATION Links ]

Part 7 [ Computer Virus WEB pages & FTP sites ]

If you have any links to good (or even crappy) virus pages send 'em my way, I will add to this list later..

Part 8 [ Conclusion (By Dr. PhreeX Merin himself!!) ]

  • Well, after a few hours of surfing around andtesting ALL THESE links I give you the "Computer Virus Site List 1.02", this is still a beta, it will be until I can no longer come accross a new virus page, if you know of anything VX related please e-mail me (phreex@ao.net).
  • You might object to this list, many people do, they believe viruses should be illegal and no one should access to them however if you dislike this then fine, don't read it or download from the above sites. The problem is lamer newbie fucks think the internet is like the real world, where there is a organized legal system to stop anyone that does wrong, well .. welcome to cyberspace, people like me will always be here!!

Part 9 [ Past version history, and whats to come ]

  • Version 1.0 Beta 1 Listed a few sites, lots of Virus Gens.
  • Version 1.01 Added more URL's, added section on safe virus storage.
  • Version 1.02 Current.

For a current copy of this list send a request to phreex@ao.net or looking in the usenet newsgroup alt.comp.virus

Regards,
Dr. PhreeX Merin, PhD in the cyber underground

Section Five - Uncanny Virus Ideas

Well at this point, I guess this section would otherwise be empty being this is the first issue. But we cannot have that, so I will improvise and do my best to get us started. This area will mostly consist of Ideas for the Authors with virus writer's block. Or maybe somewhat of a humor section as well. We will see how it goes... If you have ideas you would like to contribute, feel free to e-mail me at godarky@ilf.net and I will put the best of em in the next issue. :)

1. The Eicar Virus. For those of you who don't know what the EICAR file is, I will explain. It is a file which you can append to just about any kind of file and will cause the file to be reported as infected when scanned with an AV product that supports the EICAR test file. It is a big political pissing contest for a standardized Installation test for AV products really. Anyhow, an interesting Idea for a virus might be one that incorporates the EICAR test file as camoflage. Sounds stupid? Think about it. Most of the popular AV products (F-Protect, McAfee's, Norton's (I think) and Dr. Solomon's) all detect it for what it is. It is said that AV companies get the viruses that you write within days (usually) of the first time they are distributed from a site like mine. Usually from someone who has become infected with the virus and sends them an infected file. Well more than likely what are the guys in the virus lab gonna think when they first scan the file and it shows up as the EICAR file? Well one of 2 things, and I think the latter of the 2 is more than likely what will occur until they learn otherwise. The first being that they might do a disassembly of the file and see what they can find in the code. Or they might let the file loose on a hospital computer and see if they can replicate it. While this could happen, I tend to think that they probably see alot of EICAR infections which would bring me to the second scenario, which they would more than likely write it off at the fact that the person attached the EICAR file to the file in question without even testing it for replication. If this were the case, you could hide all kinds of heinous code behind this, and it would prolong an AV program from detecting your new creation possibly.

So now you have an Idea as to how this section will be filled in the future. Send in your revolutionary ideas and they will appear just like this one did.

Section Six - Naming Viruses

So, you author viruses. Do you name them before you write them or after? Well many name them before and many name them after. But in all reality, it doesn't really matter what you name them, as that name probably isn't going to stick. In other words, you, the author of the virus, don't get to choose the name of your own creation. Picture your wife carrying a baby in her womb for 9 months. With a little medical help at the hospital, the baby is delivered, and the Birthing papers are finished and all that, and now comes the time you get to use that name that you perhaps spent months deciding/arguing on. Imagine if some baby naming organization came in and decided they didn't like that name and stamped some generic name on your child. Pretty crazy huh? Well that is how viruses get their names, for the most part.

I know it is a great misnomer that the Author names the viruses. But I will explain how viruses get their names when it is their time. It was explained to me by Dr. Alan Solomon himself, and it is really sort of a strange process when you think about it.

You author a virus, we will call it "Satan's Dumpster". You spread Satan's Dumpster to numerous Vx sites and via alt.comp.virus.source.code and so on. Well your virus gets spread enough, and enough infections are reported that it makes the "In The Wild List", well now that it is ready for recognition by the AV community, it is time for Satan's Dumpster to get it's REAL name. Dr. Solomon described this process as a group of beer swilling people who get together in a pub to talk about Viruses. This group is known as CARO. They are the people who come up with the name of your virus. They will decide Satan's Dumpster will be called "Billy Goat". Thus whenever the AV companies decide it is time and the need is there to detect your creation, it will detect it as the Billy Goat virus. Nifty huh?

You don't believe me? Remember the HARE virus? The original author named it HDeuthanasia, by the time CARO got ahold of it, it became the HARE virus. It was said it was named after a rabbit. But it is apparent that it was named after the chant which prints on your screen when the virus is activated on your computer in relation to the Hari Krishna religion. If that is not enough for you, howabout the Bizatch virus. It is now detected as the BOZA virus. So before you spend hours and hours thinking of some clever new name for your virus, remember that in the end, that probably wont be the name of the virus.

Section Seven - Government Sites & Viruses & The Law

Dr. Solomon's Virus & Computer Crime related law page is interesting as well as a good resource for you that care about what laws, if any you are breaking. The page has The federal laws for the United States of America, as well as the various state laws (which are more harsh and relate to those of you who reside in a particular state more), as well as laws in the UK and a few other countries. If your country isn't listed and you know the laws, you might visit his site and drop him a line so he can get them posted.

The Federal law(s) in the United States are pretty straightforward, and don't really effect you unless you are targeting the government. They state that you are not breaking a federal law, unless you harm a computer of theirs, or one they have interest in.

Well that is fine and dandy, but most of the state laws are much harsher, but still are only a slap on the wrist. In my state (Oregon) for example, I believe spreading viruses to a big business, such as say Intel for example, is only a Class B Felony. A Class B felony is a small hit for someone without a prior record. But then you have to remember that this is only 1/2 of the trouble you would get into. This would be the criminal trial. After that is said and done, I am sure Intel would take me to court on a Civil trial and make me poor for hundreds of years if were to live that long. Provided they could prove their case in a court of law.

So if you are not sure what laws, if any, you are breaking, you may want to visit Dr. Solomon's and find out. The reason I recommend his site is because you don't need a degree in criminal law or a latin translator to understand the laws on his page. You also don't have to wade through an entire Law Library to find what you are looking for, like some of the other law sites on the net. There is a direct link on my site which will take you there, or you can look above in Phreex's Site list in the previous section and get the URL for the site.

So what does the AV industry think of our sites? Well in the Usenet, they would have you believe that our sites are the tool of Satan (or insert your social/religious equivalent of the Antichrist here) and Virus Authors are not relevant to the existance of the AV industry as it is today. I personally think this is bullshit, but who am I, right? What does the government think of our sites. Well I guess that depends on where you live. The federal government of the U.S. doesn't really give a shit personally. And A branch of them, the CIAC, has actually written me, after visiting my site, and requested that I put a link to their site on my page. I have done so, because there is information there which some might find useful, *AND* because they were civil in their e-mail and recognized that sites like mine will exist whether they want then to or not, and that they can actually give them a jump on disinfecting viruses as they come out.

The AV companies tend to say they will not use our sites, but I still read every now and then in alt.comp.virus, that there are many informants between the AV world and the Vx world. Which tends to make me think that our sites are used.

If I were to send them a Vx dropper file, they would probably incorporate it in their next version of AV software. They keep telling me that Viruses that make the ITW (In the Wild) list are ones that are spread widely. Well alot of viruses that are spread widely never make that list that appear on my site, The Alliance's site, or any other heavy traffic sites. So this theory has proved inaccurate, or that whoever keeps the ITW list is lazy or waiting for a media frenzy before adding to the list. A site like mine will get anywhere from 200-1000 hits a day, maybe more. And the downloads are unreal. In a week I think a virus can be pretty well wide-spread, at least to fit their definition of "widespread". But they never appear. But then, what was the virus renamed to huh?

=========

Section Eight - South African Virus Authors/Collectors would like to Exchange information and Techniques with you.

Well about 2 weeks ago, I received the following letter in E-mail. It was from South Africa, and they wanted me to spread the word. Well I forwarded the message to a few people, but I didn't feel that did the letter or the cause justice, so I am going to print it up here, and let others have access to the letter as well. Feel free to correspond with them, they
Welcome it. :)

-----------------------------E-mail Start Here------------------------------- 
Hi, 

I'm Rudy from South Africa. 

I have just started to gather a group of interested Virii "Collectors" 
and "intelligence gatherers" in South Africa. 

I (we) would like to communicate with you guys on interesting 
subjects like "cookbooks" and "recipes". 

Some of your groups have been established for many years and hold 
a treasure of knowledge when combined. 

My real e-mail : Rudy@lexicon.co.za 

Waiting for your reply 
------------------------------E-Mail End Here--------------------------------

Well that is it for this issue, I am looking at providing this on a monthly basis. And welcome your feedback. Things to come in the next issue planned are:

  1. Beginners Guide for Newbie Collectors
  2. Beginners Guide for Newbie Authors

And I am sure other ideas will pop-up as well. I welcome your feedback, flames, or other tidbits of info as well. You can mail me at godarky@ilf.net for correspondance.

next →
loading
sending ...
New to Neperos ? Sign Up for free
download Neperos App from Google Play
install Neperos as PWA

Let's discover also

Recent Articles

Recent Comments

guest's profile picture
@guest
9 May 2024
Sabung Ayam Online
guest's profile picture
@guest
9 May 2024
Situs Sabung Ayam Digmaan
guest's profile picture
@guest
8 May 2024
very tasty
guest's profile picture
@guest
8 May 2024
I like the old PC-viruses. They were very popular in the 90s
guest's profile picture
@guest
8 May 2024
Sabung Ayam Online
guest's profile picture
@guest
7 May 2024
I like the idea of using Caraffa to color the beer
guest's profile picture
@guest
7 May 2024
Sabung Ayam Online
guest's profile picture
@guest
6 May 2024
Situs Sabung Ayam Digmaan
AniphaeS's profile picture
@AniphaeS
5 May 2024
Yes, you are right! The correct spelling is " QUEENS". Thanks a lot for the warning 🙂
guest's profile picture
@guest
5 May 2024
Daikatana was my favorite game on the Nintendo64. I have played it a lot but never managed to complete it 100%
a Francesco Arca production 2016 - 2024
Terms of Service - Privacy Policy
neperos on mastodon
Neperos cookies
This website uses cookies to store your preferences and improve the service. Cookies authorization will allow me and / or my partners to process personal data such as browsing behaviour.

By pressing OK you agree to the Terms of Service and acknowledge the Privacy Policy

By pressing REJECT you will be able to continue to use Neperos (like read articles or write comments) but some important cookies will not be set. This may affect certain features and functions of the platform.
OK
REJECT