Interview Stealthfork

Interview with Stealthfork
by Cicatrix
[February 1999]

How did you start out in computers?

With a C64 and a 20 years old TV-set. I learned the BASIC programming (? :) language. Sitting all the night in front of the computer i used to write programs that did my math homeworx. ;-)

How and when did you start out in the virus scene?

If i remember correctly it was in 1994/95 (?) when i got some VX zines. I already turned from C64 via A600 to a PC and learned ASM. I was fascinated by the 40hex zine and their hints how to trick debuggers and how to write stealth viruses. The first time i saw this zines i wished that i one day will be as famous as these gods (hellraiser, stormbringer...) was.

Have you written viruses? If so which would you like to take credit for?

Yes i did. I like all viruses i built. Don't even know wich was the best/worst. ;-)

The one i got dozens of mail about from all around the world was the kernel infector.

How do you name your viruses?

Well, the first one was VLP - i cannot remember what it means. The L stands for 'love' but the other chars...i don't know. ;-) The 'k0dy project' also called 'the module' wich infects linux kernel modules was named after the song 'kody' from matchbox20. I heared the CD while writing this one. 'Califax' is a dude from a german comic, the other 2 guys from this comic are 'Brabax' and 'Abrax'. TLB (my last) means 'The lovesick Brabax'.

Which programming languages do you know?

Umm...i know a lot: Assembler, BASIC, C, C++, Pascal, Modula2. But i don't like them all.

What programming language do you like using the most?

Yeah. This is the right question. I usually code in C/C++. Since asm inline code is allowed i still know what opcodes are...

Are you a member of a VX group?

I was founder and leader of SVAT.

Which AV software do you like/respect the most? Which the least?

Difficult. I used to hang around on UNIX machines. Don't even know what the best heuristic engine on M$ is... What i like is the AV soft from VX dudes such as special monitors and so on.

What are your goals (VX wise)?

I found friends and learned a lot of programming technix. It would be difficult to learn these technix without writing viruses i think.

What is your view on the continuous 'war' between VX and AV.

As long as the technology grows it's ok i think. Imagine there wouldn't be AV, would we have stealth viruses or poly engines ?

Where did you get you handle? What does it mean?

There is nothing more to say about 'what it means'. I like stealth-viruses, so no wonder why i chose this nick i think.

What is your view on Virus Creation software (eg. VCL, PS-MPC etc.)?

I would NEVER use them. But it is a kewl way to show how good you are if you write a perfect construction kit.

What is your view on macro viruses vs. assembly or HLL viruses?

When i began writing viruses there was no way without assembler. Thus only the best programmers wrote viruses. Today its much simpler. I think the future are HLL viruses because the OS's get more and more complex and the viruses too. ASM is not the right way to handle complex and big programs. But nevertheless, ASM will never die.

Have you ever confirmed one of your viruses 'in-the-wild'?

Never. And i'm proud of it.

Which VX E-zine do you like to most? Which the least?

Hu...my fave _was_ 40Hex, but today there are also good ones outta. I tend to say that 29A releases the best VX-zine although there are other good ones.

Which individual or what group do you like/respect in the VX world?

Everyone who was neat to us. Thus i can say that CB and 29A are good groups. I'm sure i forgot a lot of other groups/persons.

In the AV world?

I don't know any real AV'er.

Which individual or what group do you like/respect outside the VX or the AV world?

I like the Trojan5 group and the K.A.L.U.G. (www.kalug.lug.net) who spend accounts and webspace to us. I respect all the hackers who didn't forgot their codex and who rather _write_ their code instead of downloading it from rootshell.

What is your view on destructive payloads in viruses?

I don't accept, write or support destructive code.

Do you think there is such a thing as a 'good' virus?

This is a philosophical problem. Per definition viruses are not good.

What do you do in 'real' life?

I'm a computer science student, thus learning a lot of mathematics and play around with computers and networks. I get my money with writing UNIX system software, such as special daemons, network-software etc. . I like to hear heavy guitars such as punkrock and metal stuff.

Do people outside the VX scene know what you do (parents, girlfriend etc.)?

Nobody has a clue. Except of my long hairs, my own LAN or my knowlegde about UNIX systems there is no way to identify me as a freak. ;-) I wish the girl i love would know what i'm doing.

Do you do other computer stuff outside VX (Hacking, phreaking, warez etc.)?

I do what the security people call real 'hacking'. This is _writing_ code, not to use it in a bad manner. The debugger is my best friend, tcpdump my brother. The BSD socket's are in my pockets and GCC ask's me what to do. ;-P

Should viruses be illegal? Is there a difference between creation and spreading?

Writing viruses should not be illegal. Spreading it should be (or even is) illegal.

Describe the perfect virus.

100% stealth within a 100% undetectable poly engine. 0% destructive.

What is your view on Windows (95/98)

Fat, buggy, insecure and expensive. I don't understand why ppl use it.

What is your advice for people just starting out?

Buy a good book (or 2 or 3...) and get tons of sources. Read them, read them, read them. Spend your time on creating anything new and unique, not on writing malicious code. If you go deeper, decide if it's worth to do so. You may loose your old friends or your job. Be carefull. Everyone has a reason to kill you. Be paranoid.

How did SVAT start?

There was a time when a very nice girl started confusing me. I was really down. All the world was the whole pain to me. Also the shit army wanted to draft me and my friends. Since i hated all around me i started trying this what i readed in the zines - viruswriting. I went deeper and deeper into the stuff and found that it was time for getting a nick and a group. SVAT was born. I asked a friend i already knew at this time (NetW0rker) and he was fascinated from this idea. Since then i almost wrote the viruses and he the AV stuff to detect my code. We are a damn good team. We built up a homebase and a small, so called SVAT-network, wich was open for VX-guys while we talked to #vir. One day it was too open and some dudes from another channel broke into our machines. Both of them started 'talk'ing to us during breakin. We became friends and thus they (HyperSlash and MemWalker) joined our team; not for coding but for testing and support. All for a girl.

What does SVAT mean?

SVAT == Special Viruses And Trojans. I was inspired by the special police group named SWAT. :)

Did SVAT quit and if so why?

We decided to quit because we have not the time to create new virii. It was clear for us from the very first day that this cannot be forever. We all have to live our real live now, working and having fun. We retired to a nice place in deeper asia, from where we discuss with some old and new friends about hacking/programming and punk-r0ck. ;-)

Any greets?

A lot...Since we quit we take this for our last chance to greet and thank all the people from VX who gave us articles in their zines, source-codes, OP-status in #vir and a very very kewl time on earth. This are (in no order):

Spooky, SerialKiller and the other Codebreakers, Darkman, Reptile and the other 29Aers, Sizif, NightmareJoker, Fireball aka Dr. Dope, Rhape79, Starzero, t00fic, Techno Phunk and any other we forgot in this list.

This are the ppl we (NetW0rker and me) want to greet. Live long and prosper.

Any other comments (take all the space you need)?

IMHO it's a necessary phase for every good programmer to learn about viruses. You will get a incredible knowlegde about your OS, how and why things work. Although most people say that writing viruses is only done by brain-dead individuals, it is not. The most ppl i know are skilful programmers, or better: all skilful programers i know have written viruses for a short period of time. This is the sillyness: They all want you to be a damn good programmer, but they don't accept how you go there - with viruses or with hacking! Don't stop thinking guys!

Stealthf0rk / SVAT