
The Kollywabbles' Virus Newsletter number 4



Kollywabbles' Virus Newsletter
Number 4, Volume 1 January 25, 1996
==========================================================================
==========================================================================

UPDATES

Hmm... nothing really quite out of the ordinary happening in the virus
world lately, at least not in the US. As usual, lately Australia has had
booming business in the "industry", and VLAD has been working on the Win95
kernel. They claim the headers are the same as WinNT, etc, but Win95 has
a cryptic kernel. Yet another country for virus writers to discover.

POLYMORPHISM

It seems everybody these days has their own mutation engine. The problem
is, do they actually perform their duty? If the definition of "duty" is
that they change the virus encryption key each infection, well, then they
do perform their duties. The "duty" I am referring to is keeping the virus
as undetectable as possible. Polymorphic engines seem to not only spit out
a different virus every infection, but also spit out heuristic flags to
accompany. You can scan one infection with heuristics and not find a thing,
but, moving to scan the next infected file unearths a myriad of "virus
droppings".
"But they are infected with the same virus" you may say. Hmm... Are
there any perfect engines out there?? No, not that I know of. All of those
engines out there will generate at least ONE flag once in a while. The
most common of these being "Garbage instructions" or "Found code that has
no purpose but to evade virus scanning".
Want to find out how to get rid of some of those flags? Read VLAD#5 (or
is it Insane Reality #3?). Nevermind.

VIRUS GENERATORS

B E S T
I recently got a hold of Biological Warfare 1.00 (thanks Tonghoti). It
is, in my opinion, the best generator out there. Besides the fact that it
produces near-working code (a little work by a skilled ASM programmer does
the trick nicely, but the generator doesn't screw up that much), it has
many features that other virus creators don't. Setting N.R.L.G. aside,
(if that program created code that even came close to working right, I might
consider using it) it has surpassed all the others in features. The
one thing that sets it apart from the others is polymorphism (via an engine
called "BWME") that works ehh.. fairly well. (you can easily modify the BWME
to be more complex and powerful) One thing I am excited about is the
author says the next version (if he even makes one) will include an option
to include boot sector/MBR infections.

W O R S T
The worst and the most idiotic virus generator out there would have to
be IVP. It is even worse than the VCL, even though it was created AFTER the
VCL. Y.A.M. hasn't (in my opinion) created anything worth mention.
Their viruses all suck, and lack imagination. NRLG isn't as bad as IVP, even
IF it doesn't work at all (and translating Azrael's pseudo-English is a feat
indeed). Well, enough of the put-downs.

VIRUS WRITERS SPOTLIGHTS

Well, this section may be incomplete, since I lack two things:
1. An account on the internet. (to get a hold of any writers out there)
2. Acquaintance with any virus writers.

So, I will write this section based on what I have seen.

SPOTLIGHT -=Q=- the Misanthrope
Q has created some extremely creative and innovative viruses. Windows
infectors, batch-COM-boot sector-MBR infectors, readme viruses, etc. He
isn't affiliated with any one virus writing group, and I don't think he
wishes to be. Somebody to watch out for in the virus world.

That is it for this week's newsletter. Hang tight until next issue.
 
To the best of our knowledge, the text on this page may be freely reproduced and distributed.