Copy Link
Add to Bookmark
Report
Tolmes News Service 28
#######################################
# #
# #
# ======== =\ = ====== #
# == = \ = = #
# == = \ = ====== #
# == = \ = = #
# == = \= ====== #
# #
# #
# <Tolmes News Service> #
# ''''''''''''''''''''' #
# #
# #
# > Written by Dr. Hugo P. Tolmes < #
# #
# #
#######################################
Issue Number: 28
Release Date: February 27, 1988
TITLE: Viruses Threatening Era of Computer Freedom
FROM: The Chicago Tribune
DATE: February 21, 1988
By Christine Winter
At George Washington University, students were complaining about data
disappearing from their floppy disks. One day it was there; the next it
wasn't.
Computer programmers in the lab took one of the damaged disks and
delved into the complex lines of computer code used to write the programs
on it. Translated, the message read: "Welcome to the Dungeon... Beware of
this VIRUS. Contact us for vaccination...." Included were two names, an
address and three telephone numbers in Lahore, Pakistan.
Six months ago, a half dozen small businesses in California started using
an accounting software package they got free from an electronic bulletin board
sponsored by a local computer store. Everything went smoothly until each of
them hit a certain total in accounts receivable; at that point, all their
hard disk drives mysteriously erased all their accounting records.
In recent weeks in Silicon Valley, several employees at a small company
reportedly had their video monitors catch fire while they worked at their
PCs. Investigators speculate that the diskettes they were using contained
buried commands that changed the cycle speed of certain video functions,
causing the monitors to overheat and ignite.
Behold the arrival of the computer virus- an electronic scourge that could
have the same chilling effect on the free flow of data that AIDS has had on
the sexual revolution.
A computer virus is simply a small computer program. However, it is
designed not to process words or crunch numbers, but to do some kind of damage:
to delete data, alter information or destroy hardware. Viruses are written
in a computer programming language, a type of code made up of numbers and
symbols that gives instructions to the computer "behind the screen."
What differentiates a computer virus from any other program, or even
any other form of computer sabotage, is this: It gives instruction to attach
itself to other, innocent programs and to reproduce itself.
The average user would not see these extra characters or lines of
programming code on the screen, or understand them if he did. Even a
sophisticated programmer would have to go looking for a virus to find it.
Another devious feature of a virus is that it is a time bomb. It is
designed to do its dirty work later, when some data or even triggers it.
A virus recently found at Hebrew University in Jerusalem, for example,
was dles on the university's massive network, which
included government and military installations, on May 13. It has been
decoded and dismantled.
Because of those delayed "logic bombs" that are built into most viruses,
they are likely to spread among a given user group before they do anything to make their presence known.
Today's trend toward connecting computers and sharing information over
electronic bulletin boards make viruses more contagious. These electronic
bulletin boards are forums where computer users can communicate and trade
"public domain" or free software via telephone linkups to commercial public
networks.
One of the biggest threats to corporations comes from the trend to
bring computer work home- where diskettes could be infected by programs that
children bring home from school or get from bulletin boards.
A virus spreads by burying itself deep within the computer's operating
system, which is the set of instructions that tells the computer how to do
specific housekeeping tasks. This system must run every time the computer is
turned on.
The virus then gives commands to make room for a copy of itself on every
data diskette, or every program stored on the bard disk in the infected
computer. Every time a new diskette is used to store data or copy a program,
the virus goes along. When that diskette is introduced into a clean computer,
it spreads the virus there too, and so on. Just like a common cold or the flu.
"Let's face it, hackers have been breaking into government and university
computers for years," said Peter Roll, vice president of information services
at Northwestern University [see notes on the article]. "The concept that this
is new with viruses is their ability to propagate."
There seems to be no such thing as a harmless virus. The virus that hit
George Washington University and at least four other East Coast schools is
generally described as passive. It was apparently intended to do nothing more
harmful than duplicating itself, said Michael Peckman, a programmer-analyst
there. But it wreaked unintentional havoc by deleting or damaging data
when it made room for itself on student diskettes.
"The creator apparently intended just t have some fun, and look at the
harm he did," he said. "We had people lose their theses."
"The people who write these programs are not pranksters, they're
vandals," said Denis Director, president of Evanston-based Director
Technologies Inc. His Disk Defender is one of several security products,
originally designed to prevent accidental data loss, that are being
seen in a different light today.
There are some who think the viruses have been overdramatized by the
media. Phillip McKinney, a manager at OakBrook-based Thumbscan Inc., a
security products company, said there are probably only seven or eight
viruses in active circulation in this country.
"There's never really been a documented case of industrial sabotage,"
he said. "This isn't something that is a serious threat to the average
corporation on a yearly basiss."
en, a University of Cincinnati professor of computer
sceince, does not agree that the recent media hype has blown the problem out
of proportion.
The best known virus episodes have a lot of flash but not much substance,
he said. The more successful a virus is, the less likely anyone is to know
about it.
Cohen, who is generally credited with develping the first computer virus
as part of research on computer security for his doctoral thesis in
1983, suspects we are only seeing the tip of the phenomenon. There could be
viruses at work in corporate America that may never be discovered, he said.
these viruses are much more subtle, and dangerous than "the gross and vulgar
ones" that give themselves away by destroying everything.
$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$
The article went on and discussed such things as:
- a virus at Lehigh University in Pennsylvania
- the virus at IBM's electronic mail service
- various programs to protect users against viruses
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
"Let's face it, hackers have been breaking into government and university
computers for years," said Peter Roll, vice president of information services
at Northwestern University-
Northwestern's computers are at:
- (312) 491-7110/3055/3469/3070
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
For more information on compuer viruses, see previous issues of TNS.
$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$
The following series of busts was covered by the news in detail. Here it is from a newspaper article.
$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$
Taken from the TULSA WORLD, February 9,1988:
Tulsa police and the U.S. Secret Service served search warrants on three
Tulsa residents, including two juveniles, suspected of illegally obtaining
long-distance access codes, officials said Monday (Feb. 8). The names of the
suspects were not released and none were arrested, but criminal charges may
be filed after further investitgation, said Tulsa detective Cpl. Ed Jackson.
Officials confiscated the computer equipment of the two juveniles, Jackson
said. A 17-page list of what is suspected to be MCI Telecommunicatons
Corp. access codes was confiscated from the third suspect, he said.
A search warrent filed Friday stated the list was in the possession
of Shane Gozlou at O.K. Motors, 2901 E. 11th St.
Authorities aren't quite sure the list is of access codes yet, since it
is written in a Middle Eastern language.
After the list is translated with the help of University of Tulsa
language experts, it will be sent to MCI officials to determine if the
numbers are access codes, Jackson said.
The investigation began in January after MCI noticed outside computers
were attempting to infiltrate the Tulsa MCI computer to obtain access codes,
Jackson said.
The warrant states police tdes to O.K. Motors by tracing
calls to MCI telephone lines with the help of Southwestern Bell personnel.
Computer hackers use illegally obtained access codes to contact
computers across the nation without having to pay for the long-distance
telephone usage, Jackson said.
Computer hacking is a growing problem, officials said. Long-
distance telephone companies lose about $500 million annually because of
illegally used access codes, said Jerry Slaughter, senior investigator with
MCI.
The loss incurred because of the three suspected Tulsa hackers has not
yet been determined, he said.
Most computer hackers are juveniles who are very bright, but usually
make below average grades in school, Jackson said.
"They're bored with their homework, so they spend all their time on
their computer at home," he said.
They attempt to obtain access codes because "their parents might
get a little upset when they find out they have a $2,000 phone bill,"
Jackson said.
The two Tulsa teens had compiled some unusual information on computer
disk, he said. Found in one teen's computer were recipes for Napalm and a
Molotov cocktail, he said.
Also found during the searches were several credit card numbers,
including one to a credit card reported stolen in Tulsa, he said.
One of the teens had made 1,650 attempts via computer in a 12-hour
period to obtain more access codes, Jackson said. He obtained five
working codes.
None of the suspected computer hackers knew each other, Jackson said,
although two had communicated via computer, using "handles," like citizen's
band radio operators.
Suspects can face federal charges if caught with 15 or more access codes
or one illegal code used to spend more than $1,000, Jackson said.
$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$
.........and another three bite the dust.
This is a fairly typical bust. I've seen it played over a hundred times.
Now for some things on the article:
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
"Tulsa police and the U.S. Secret Service"-
The USSS (United States Secret Service) are usually involved in these busts in
some way... as in this case.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
"A 17-page list of what is suspected to be MCI Telecommunicatons Corp.
access codes was confiscated from the third suspect"-
Seventeen pages is quite a long list. I've heard of people having such lists
from constant scanning in the past. I've even heard of people having Sprint
"bibles" of codes. This isn't very helpful since there is evidence of all the
old codes that have been used. It's not wise to have evidence of every code
that you every abused.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
"The investigation began in January after MCI noticed outside computers
were attempting to infiltrate the Tulsa MCI computer"-
Again, I've seen this happen over and over again notices that
someone has been dialing them over and over again and traces tha call. The time
when most scanning is detected is after midnight.. when there usually aren't as
many calls.. and suddenly there is one every minute.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
"Found in one teen's computer were recipes for Napalm and a Molotov
cocktail"-
Most hackers (even r0dents) have a few g-files on bombs and such. These files
have been going around for about four years and are still popular. Most
likely, the files that were confiscated were sections from "The Poor Man's
James Bond" or maybe an old g-file from Grey Wolf.
It's more likely that it is from "The Poor Man's James Bond" because I
remember the files and it contained both napalm and molatov cocktails.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
"Also found during the searches were several credit card numbers"-
This probably came from a buffered message containing cards from either a
card-scan or some trashing.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$
TNS Quick/\/otes:
-----------------
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Mafia Dude and the rest of TAU has been proceeding with "Operation NightScan".
NightScan is a wardialing/scanning operation. Most of it is going on in
the 202 NPA (Washington, DC). The results of all this scanning will come out
in the form of a g-file.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Some other things on Mafia Dude:
Currently, all his mail is being scanned by his parents. All his news is
coming in from the modem world. Also, Bellcore Systems might be going back up.
All of this is uncertain.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Prime Anarchist was arrested for a protest at a CIA recruiting office. They
were given three warnings and then arrested.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
A company called Mutual Telecommunications Network is just a scam that
people should stay away from. It also goes by the name of MTN Communications.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
End of the QuickNotes!
$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$
Board List
----------
The following is a list of bulletin boards around the country. The ones with
a "*" next to them is where you can find the TNS files.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Digital Logic's Data Service.......(305) 395-6906
Sysop: Digital Logic
Others There: The Ronz, Lex Luthor
Baud: 300/1200
Notes: A Homebase for the LOD/H Technical Journal, phreak/hack, etc.
All of the LOD/H TJ files availiable
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
*Pirate-80 Information Systems.....(304) 744-2253
Sysop: Scan Man
Baud: 300/1200
Notes: one of the oldest phreak/hack boards around
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
*Ripco International...............(312) 528-5020
Sysop: Dr. Ripco
Baud: 1200/2400
Notes: 96 megs of storage
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Pirate Communications..............(206) 362-4008
Sysop: Black Manta
Baud: 300/1200
Notes: basic phreak/hack
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
*Executive Inn.....................(915) 581-5145
Sysop: Argos
Co-Sysops: many
Baud: 300/1200/2400
Notes: Many different sub-boards
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
The Works..........................(914) 238-8195
Sysop: Unknown
Notes: None
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Forgotten Realm....................(618) 943-2399
Sysop: Crimson Death
Co-Sysops: Phrozen Ghost & Epsion
Baud: 300/1200/2400
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Chaos Shoppe.......................(914) 478-0838
Sysop: Who knows
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Phreak Klass Room 2600.............(806) 799-0016
Sysop: The Egyptian Lover (TEL)
Co-sysop: Carrier Culprit
Baud: 300
Notes: A bbs for phreak/hack -ducation
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Celestrial Woodlands...............(713) 580-8213
Sysop: The Ranger
Baud: 300/1200/2400
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Inner Sanctum......................(914) 683-6926
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
OSUNY..............................(914) 725-4060
Sysop: Tom Roberts (whatever)
Baud: 1200
Notes: OSUNY= Ohio Scientific Users of New York
- a very old phreak/hack bbs ... mentioned in Newsweek a lot
- homebase for 2600 magazine
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$
