ShadowVx.com Speaks
reported by:sil
Last Modified On: 2nd June 2000 10:20am
Q & A with the crew from ShadowVX.com

While all the rage is on viruses and backdoors, would you care to explain what
exactly it is your members do? One not too familiar with the scene would think most virus
coders are evil pricks out to rm -Rf /* the world. What's your guys' description of the
virii field?

Well, many virus coders do not agree to destructive payloads now. The idea of a virus is
to spread. What is the use of a virus that infects a computer and formats its hdd? In
effect it is killing itself... not the best idea if it wants to spread no?

With regards to what ShadowvX members do, we code viruses that incorporate new or
existing virus techniques. We try to code viruses with things like ICQ spreading or
virus networks. Only a few of our codes have made it into the wild, but they had to be
released. Ya know, new techniques, let's see how far up the AV "Dangerous" list we can
get :] We make it a policy though that no code gets released unless all members agree
it should. And we ain't no evil pricks either... we are like you guys, doing what we do
to prove that computers are too relied upon these days...

Back Orifice, Netbus, Melissa, Tuxissa, ILOVEYOU, were plain and simply maliciously coded
virii. We know some virii coders assist companies like Symantec, AVP, etc. What's your
outlook on the creators of these programs like Melissa, etc.?

Well, with Melissa it certainly showed MS a few things. Most of the code that gets
released is to show or exploit vulnerabilities in software or hardware... it just seems to
only happen with MS software.


My view on these types of coders is no different from how I view other virus coders. They
want to create something and show that humans rely too much on computers nowadays.

It's taboo as hell to have a virii related site on a security site, being it's mainly a
misunderstood aspect of the security field, but we're like the "Raw Dog, Slap You In Your
Damn Face Whether You Like It Or Not!!!" security site, so what exactly can someone gain
by reading information on your site?

Well, with the recent .com address we have been able to supply web hosting for vXers.
There is also a large collection of resources, and it has many links to other vX groups.
Also, our PR people are working their arses off to get the public to ignore the fact
that we are "adolescent teenagers with no life or relationship" cos it has been proven that
we are not. So, a visitor to our site has basically all the information they need to
start with virus writing. And we always make it our number 1 priority to keep the site
updated and add what we can to it.

It's an already known fact people around the world tremble when they hear the word
AntiOffline in a sentence. Everyone from RFP, to the guys at w00w00.org, to Aborigines
in Australia. So would you care to admit that you really fear us?

We tremble at your feet, oh great one. But seriously, we fear no one. All groups, no
matter what scene, should work together. I accept the fact that some groups like 29a
and AntiOffline have more knowledge or "word of mouth" spreading than groups like
ShadowvX but it only seems to be people that are not directly related to the scenes
are the ones that fear the groups.

Media plays an uncanny role in relaying security articles. We all know how things get
twisted and misrepresented on a common sense level to those into the security scene.
What's your guys' take on media portrayal of Computer Security? Being you guys would
have to receive more hate mail than David Duke, what's your view whether virii related
or just personally related?

Media seems to hype everything up. The thing I notice about reporters, is that they
have a go at us because they do not have the knowledge to actually do what we do and
don't like that fact. They put a bad impression on us because they are either
jealous or too scared that we may actually do something useful. The media seem to
keep the AV companies alive to some extent. Norton "There have been x number of
viruses released this month, make sure you are protected" bullshit is just a way of
getting people to send them money.

With hate mail, personally, I only get things like "you have infected my machine
you bastard". Normally I reply to these emails with instructions on how to remove
the virus. As I said earlier, it is not our goal to infect as many machines as we
can. Mainly the cause of these infections are people downloading the source,
compiling it and running it to "see what it does" and then blaming the coder for
their ignorance.

Where do you see computer security going within the next two years on a virii
level? What do you think the industry needs to do when assessing threats like
Melissa, Tuxissa, and the yet to be released antioffline virus?

I think computers will always be vulnerable. You will never get a totally
secure computer, as I presume you may know. Coders and hackers alike will
always find new exploits to use to continue their hobby. In two years, I guess
computers will advance so much, that virus coders will have more ways of
spreading their codes, and hackers will have more data available to them.

In the case of viruses like Melissa, it is up to the coder how advanced he
codes his virus. If he uses old techniques, it is likely to get detected.
But finding and exploiting an unknown vulnerability, the code will go further.

ruzz` ruzz@shadowvx.com
ShadowvX Admin
[http://www.shadowvx.com] - [Undernet:#shadowvx]
PGP: http://www.shadowvx.com/pgp/Ruzz.asc



J. Oquendo


Questions, comments, flames, etc can be e-mailed to sil@antioffline.com. Ultrasecure webhosting provided by Siliconinc.net