How did you start out in computers?
I started off with BBC MICROs in my primary school (which were BASIC only machines). I also had a friend at the time who ran an Amstrad with BASIC and CP/M. I read the manuals from both computers and learnt BASIC (though we didn't have CP/M manuals at that time). Soon after, I made a friend who gave me an IBM XT with a 40meg MFM hard disk and a monochrome monitor. A year later, he gave me an IBM AT with 40meg hard disk and EGA. Soon after I got a 386SX-16 with 4 megs of ram. Then I acquired a 200meg hard disk (which died after a few years of loyal use) and a SVGA screen. Recently I bought a 486DX2-66 with 400meg hard disk and 16 megs of RAM. This should do me for at least another year. You could say quite confidently that I've been through the whole progression of personal computer technology ;)
How and when did you start out in the virus scene?
I think it started when I received some DOS 5 install disks and they kept complaining about some errors in unpacking files during installation. After running an AV (probably McAfee) I learnt I had a virus (which was pretty neat at the time). Then I read about viruses in Ralf Burger's book (I forget the title) and bought a book by McAfee on "Computer Viruses Data Diddlers Trojan Horses, and other threats to your system". It sucked but oh well. Then someone gave me a copy of Stoned, then I built up a collection, then I learnt assembly language (beforehand I knew C++, which I'd written a few trojans in, hehehe).
Have you written viruses? If so which would you like to take credit for?
Of course I've written viruses. Unfortunately none so far have been very unique. Actually I've only written a few viruses with most of my other time writing documentation on virus technology. One thing I do want to be known for is Facade, and a new virus which I'm in the process of writing called Essence.
How do you name your viruses?
They're usually named according to what is stressing me at the time in real life, or alternatively, according to what is special about the virus. Here is a short list:
At this time I had a crush on a girl who I saw on the bus home from school, who always wore a green school uniform. I spoke to her once in a shopping center for like 2 seconds while she looked me up and down (I was dressed somewhat strangely). As a matter of fact I think I saw her just a few days ago at a bus stop (of course, not in uniform).
Hehehe, this got its name from the payload it used which was when it detected it was being traced by TBCLEAN (with prefetch tricks) it'd jump into the video segment and start executing code. I thought this was like flushing TBCLEAN down the toilet :)
This was written for a friend who wanted it to say 'Facade' in the payload.
I was obsessed with a girl called Lauren in America who has in the last year disappeared :( I can't get into contact with her.
A friend of a friend had died from a crack overdose and I was upset. I walked down to the beach at midnight and wrote a poem about it called the black tide.
This was a new version of Black Tide I think... it didn't include the poem but it included a little short text which blasphemed against God for taking away my friend's friend (who, quite strangely, might not have ever existed at all! it's a long story).
This is the latest virus I'm writing. It uses a new form of polymorphism, the technology of which is based upon the very factors which evolved life from nothingness. The very essence of life itself is used in the polymorphism, hence the name.
Which programming languages do you know?
At one time or another I've been fluent in Turbo Pascal, C, C++, Visual Basic (1), and assembly language. These days however, I don't remember a word of VB, Pascal I'd need a refresher course on, C/C++ I'm relearning right now, and I know assembly language pretty well at the moment and am trying to grasp protected mode basics.
What programming language do you like using the most?
I have to say now that I -HATE- all BASIC and languages derived from BASIC. It just has no structure. Pascal sucks because nobody uses it anymore, and access of files in it sucks from what I remember.
C/C++ is very good though. I love the structure. Assembly Language is very good too! I'm thinking of learning ADA95, it sounds good, but I guess I don't really know anything about it, so it's best I don't comment (yet) :)
Are you a member of a VX group?
I used to be a member of [Immortal Riot/Genesis] but I have since left and am starting my own group.
Which AV software do you like/respect the most? Which the least?
I really dislike all AV software. I mean, companies are spending more time on interfaces than the actual methods of virus detection under the hood.
For instance, TBAV's heuristics started good but are now just really slack. DSAV can miss a virus strain because it uses CRC-32 and any change of even one byte will make it miss the virus completely. FPROT is really just an okay all round virus scanner but doesn't have that good heuristics and names a lot of viruses as variants when they're not.
Some other pathetic packages worth mentioning are McAfee, Virus Buster and VET (two packages native to here in Australia). They suck real bad. NAV and PC-cillin are supposed to be really bad too.
What are your goals (VX wise)?
I'd say world domination but that's too cliche. Actually more than anything I want my group to be known, I want governments and military to label us terrorists and fear us :)
On a more personal level, I want to become better at writing viruses, I want to develop some new technology to make viruses better. I want to be part of writing the virus which changes the world.
What is your view on the continuous 'war' between VX and AV?
I hate the AV with a passion. I mean, not on a personal level, but just on a business level where they produce crappy products and slap it in a nice user interface and spoon feed the users garbage about 'new virus detection methods inside!' which are just bullshit. Then again, who can blame them, a majority of computer users are braindead idiots, as far as using a computer goes that is.
Where did you get your handle? What does it mean?
Methyl is short for 'The Methyl Lated Spyryt'. Before that I was throwing around a few handles, looking for one which suited me. I was being called 'Casper the unfriendly ghost' at the time by some friends who knew what I was up to... and I enjoyed being a ghost. But then I saw a bottle of methyl-lated spirits on the shelf of a toilet and thought "Hey, why don't I call myself The Methyl Lated Spirit??". A few years later it evolved to 'Spyryt' instead of "Spirit".
Unfortunately people think of Methyl as in various chemical substances, especially alcohol, and being associated with that really pisses me off. This is why I'm choosing a new handle (also to coincide with the creation of my new group), it seems likely at the moment to be 'IndianOwl'.
The reason for that is because I love owls (yes, whoot whoot, the ones which fly). They are the most elegant and beautiful creature :) I also love how spiritual the red indians were... they really were cool. I am a deeply spiritual person (in a general sense) and I love owls, so why not be a red indian owl? :P You could say, I'm a red indian owl spyryt... RIOS :)
No handle is definitely decided upon yet.
What is your view on Virus Creation software (eg. VCL, PS-MPC etc.)?
I never really worked out how to use VCL, but the idea of a GUI was nice, it could have been implemented much better however.
PS-MPC and G2 however were very good, I like them. I generated a lot of code to look over when I was trying to understand how a virus can go TSR. BW (Biological Warfare) was quite good too, sort of. I liked the colours :)
Most new virus generators suck compared to these old two. I personally like VCKs. I see it as a challenge to write a good one, and in the end they might help somebody, and cause lots of glut for the AV. Hey, it's a VCK, it creates viruses, what's so bad about that?
What is your view on macro viruses vs. assembly or HLL viruses?
HLL viruses I don't like too much, especially ones which use more assembly than the high level routines. I guess this is just a result of my virus upbringing, and has no real reason to it :)
Macro viruses however, hehe, it's funny to see how many assembly language coders disrespect macro VWs (I even used to!). But look, macro viruses really are spreading well in the wild, more so than the new assembly language viruses are. On the other hand, I hate any form of BASIC and WordBasic is the main macro virus language. Also, just the idea of macros is sort of limiting, but with DLL calls etc that's not so true anymore.
I don't especially like macros or HLL viruses but if they get the job done, who am I to complain?
Have you ever confirmed one of your viruses 'in-the-wild'?
Yup, Facade was in the wild. I never spread it, I just gave the source to 2 people and told them not to hand it out. Then after a few months I decided to release the source to anyone that asked.... and then ShadSeek came to me and told me he'd gotten paid to remove my virus from some university over in the United States. He said he'd never seen the virus of anyone he knows in the wild before :)
Personally he should have waited... in a few months the payload would have destroyed all the infected hard disks :) Facade was my first destructive, and so far only destructive, virus. Girl In Green did corrupt the floppy disk boot sector on activation but this was by a coding error.
Which VX E-zine do you like the most? Which the least?
Best of all time: IRG#8... I -LOVED- this zine.
Liked: VLAD, 40HEX, XINE
Not really for me: RSA, SLAM, SOK, VBB
Sucked badly: THC, YAM
Which individual or what group do you like/respect in the VX world?
Hmmm, I respect and like a few people :)
In the AV world?
I don't like nor hate these people, they make money, that's what they do. If they can sleep at night, knowing that they are ripping off computer users with marketing tricks, then that's fine with me. The less protected people are the easier for my group to do what we need to do.
Which individual or what group do you like/respect outside the VX or the AV world?
My Brother: He won Australian craftsman of the year award, he's the most artistic person I know and does some cool indian and framing stuff.
Hitler: I hate this person for what he did, but he achieved lots in his lifetime. He rose from being nothing to nearly taking over the whole of Europe, and I can't help but respect that.
I respect very few other people, namely because in general, people suck bigtime.
What is your view on destructive payloads in viruses?
I have strong views that destructive viruses with a long period before activation, spread better than others. For example, imagine a virus on a user's hard disk. It replicates quickly into all of his files. That user, over time, is likely to swap whatever files and other infectable objects with their friends over a certain period of time, say 3 months. After that time, they will rarely interact with other people.
So after 3 months, your virus is likely to get noticed by that person as they install new AV software, or notice strange things happening with their computer. If you destroy their computer, they won't have time to discover your virus, and meanwhile your virus is spreading through all the other people that person knew.
Do you think there is such a thing as a 'good' virus?
Good is a relative term :P I think viruses are very useful where other software would fail. For instance, targeting a high security place so you can gain access through backdoors installed by the virus, or even just causing mass computer chaos. That stuff is not so easy with 'freeware' or trojan horse software ;)
What do you do in 'real' life?
Computer viruses really are my life. At the moment I'm taking a college course on electronic engineering, but I might switch over to a programming class soon. Both interest me, but are only there so I can get a job and stay alive while I code viruses. One day I wouldn't mind working for the government in espionage or maybe writing an AV for them :) It's always best... to work from the inside out, hehe. Gain their trust then take the bastards down!
Do people outside the VX scene know what you do (parents, girlfriend etc.)?
I've never had a girlfriend :P My parents and family don't know shit about computers though so that's useless. I gave a 15 minute speech to my whole electronics engineering class on basic encryption/polymorphism methods, and what viruses are etc... so I think they might all be onto me ;)
Do you do other computer stuff outside VX (Hacking, phreaking, warez etc.)?
Not really. I mean we all pirate stuff when we need to, but I don't sit around hoarding warez CDs or anything.
I also just installed Linux and am relearning C/C++ so maybe I can learn a little about hacking, although it's not so much important as boycotting Win95.
Should viruses be illegal? Is there a difference between creation and spreading?
I don't really care. The only thing that will ever stop me writing viruses is me, not any crappy law.
As for spreading, well if anyone spreads my viruses and I get blamed for it when I don't even know the person spreading it... the person who's blaming me can go straight to hell.
Describe the perfect virus.
I can't, there's no such thing :P
Of course, I do have views on BETTER viruses. I think that viruses can become MUCH better at polymorphism, and also MUCH better at living in the wild.
The thing is, you see, that people aren't really writing viable for the viruses anymore, and they don't know how to :P They all have the wrong impression of what a viable virus is.
For instance, not using just one or two routines to infect files, or go resident, or tunnel.. but rather using a whole list of routines and selecting among them. This is the idea behind a new coding style which I'm writing a document on, I call it 'Smart Virus Technology' but it'll probably change, since like I said, it's more a way of coding than code.
What is your view on Windows (95)?
I hate it. It's too big, it's too slow, and it demands hardware which is far from my reach. Even on the best systems it leaves too many temporary files laying around the hard disk. Also, it's important to me how much an operating system is hiding from me. Linux doesn't hide anything, DOS hides a little but not much, and Win95 hides everything. 'Hiding' makes it harder to fix problems and create new software.
What is your advice for people just starting out?
Don't lose faith, computer viruses are still viable for the wild if you code correctly. Also, back up your hard disk, you'll lose it many times while you're testing your viruses :)
Where can you be reached if at all?
Absolutely, I'm usually 'Methyl' on IRC undernet (go to the server us.undernet.org) on #VIRUS. Lately I'm trying the nick/handle 'IndianOwl' on too so you might find me under that. At the very worst go into #VIRUS and ask around.
Sure! Hi everyone!
Any other comments?
The AV need to give me a challenge. Meanwhile, the rest of you virus writers need to lift your game and get off your asses and start coding viable infectors again.
Also here's a list of documents I've written/am writing:
Tunneling Document Series : This was a series of 4 documents, it teaches you everything about tunneling that there is to know. It has everything for people from the very beginner to the most advanced.
Tunneling Grimoire: This is under development, it's a complete rewrite of the above series into one giant document. Lots of new information, lots of old confusing stuff removed, better example software, etc. Definitely look out for it but it might not be out for quite a while.
Mid-File Infection Series: I started this series on the 2 main ways of mid file infection but scrapped the project because MrSandman said that he was releasing a complete document on it in the near future. If he doesn't put his in 29A#2 I'll release mine.
Life Support for Viruses: This is about a new method of coding that keeps your viruses in the wild for longer. It's still being written.
RHM Evolving Polymorphism: 2 betas have been released on this, it may eventually be included in the 'LSV' document above.
Virus Techniques: This was a document on the current virus technologies available, and the pros and cons of using them. It was released as a beta, I probably won't update it, or it might be put into my 'LSV' document.
Computer Viruses - Artificial Life?: This is in development, you DEFINITELY should read this if you're interested in computer viruses at all. It is the best philosophical read ever :P
Short responses to the following names or words:
How did you get into IRG?
I joined Genesis because Rajaat is cool :) I think I asked him if I could join. G then joined with IR. I wasn't really part of the joining process, they did ask me what I thought about the join and I said it was a good idea. I'm not so sure anymore. Looking back it might have been better if Genesis stayed on its lonesome (not that IR is bad or anything).
How is IRG organized?
Well, we weren't really organized at all. At least not me, I only know the emails of a few of the members, and it seemed to me that nobody was really doing anything. I asked for some help in releasing another magazine but nobody really cared.
I think that part of the group died when Sepultura left, he really was the brains and the momentum behind the magazine #8 and it would never have been possible without him.
How is the virus scene in Australia?
Really, there is none as far as I know :P On my side of Australia I only know of one other virus coder, and he is now retired (and disappeared!). On the other side of Australia you HAD Sepultura and Qark (both retired), and Harry McBungus (dead). The only living people there who still code (as far as I know) are QuantumG and DV8.
Would you ever consider releasing a virus creator?
Yup, I was thinking of working on one a few days ago.
What is in your future (projects) and the future of IRG?
IRG plans on sitting back and waiting for someone else to release IRG#9 hehehehe. I myself am working on all my documents listed above, and getting my team together.
Will IRG increase the number of members?
I don't know, until they show some activity I don't think anyone would want to join :)
Will IRG go into other scenes except VX? (hacking, etc.)
Personally, from what I saw, I really doubt it.
(User Added Section):
Why did you leave IRG? What were they like?
IRG was, and still is, a team of really excellent people. I mean seriously, I love half the people in that group :) Unfortunately, not many that I knew of were really coding, or if they were, were not interested in helping me release a magazine.
I realized that an inactive group was not for me and for me to realise my full potential, and to bring it out in other people, a new, fresh and exciting group was needed... a group of my own.
I just hope you don't think I don't like IRG or don't appreciate once being part of the group. By all means, the people are great and I really did enjoy being part of IRG. Just because I didn't see anything happening doesn't mean that something wasn't happening behind the scenes, after all I didn't know all the members. And just because they aren't active now doesn't mean that they aren't going to burst into a burning productive fury any minute :)
Above, I was asked much about my old group, I thought it only convenient to let your readers know about what I hope my new group will turn out to be. Of course, things will change as new members join and voice their opinion.
This group is not like your ordinary group. We will be a worldwide network of virus writers (and possibly people of other specialities) who communicate regularly. We will be democratic in nature. There is of course a hierarchy, but rather than concentrating on the level of ability in a person, it will concentrate on what skills they have with which they can contribute to the group.
We will be labelled by the governments as terrorists, and by people as freedom fighters. We will interact with violence, wherever we as a group feel that people or information are being suppressed, even if this means releasing some of the world's most virulent and dangerous viruses into the wild, for which there is no protection.
We will research cutting edge technology, and use what we learn to create such viruses, the virulence of which has never been seen before. We will use computer viruses to their full potential, and should they fail to achieve their designated impact, we will resort to other, more physical means, to do what we deem as right.
Yours Faithfully, Red Indian Owl