Interview T-2000

Interview with T-2000
by Matrix zine
[March 2000]

Tell me a little about yourself as a person, hobbies/music etc etc?

As a person, hmm.. I hate it when being told what to do, that's why I can't stand things like religion or the law. My main hobby is listening to music; bands like Slayer, Metallica, Cannibal Corpse, Six Feet Under, Carcass, Altar, Cryptopsy, Mortician, Nile, Napalm Death, and lotsa others.

Where you get your handle?

In the movie Terminator 2 there's this terminator T-1000 going around killing people and stuff, so I just added a K and here I am :)

How did you start out in computers?

We always used to have an Apple ][ around on which I played games such as Frogger and Space Invaders, this was in the 80's..

How and when did you start out in the virus scene?

I started learning assembler in the beginning of '95 when I found a copy of Ralph Burger's book "Computerviruses". The neighbourhood has ph33red me ever since :P

Do your family/friends know about your virus activities? What do they think about it? Do you care of their opinion?

They know I like virii, that's about all.. they certainly do not know my handle.. Virii are considered politically incorrect so they don't like it. I can't even get near a computer without getting accused of having trashed it with a virus, which is getting fuck-annoying.

Which programming languages do you use?

For low-level stuff I always use DOS Assembler, or Win32 Assembler, depending on the platform. For DOS screen applications I always use Borland Pascal, as I don't have a DOS C++ compiler with the timer bug fixed :P For Windoze it's always C++.

Where do you live and how is the situation of the virus scene in your land?

I was born and raised in Holland, country of drugz n' hookerz.. There's not really a scene anymore here a la TridenT, but there's some VX'ers from here.

First your virus?

My first virus? MBS/BS/EXE, full stealth, variable encrypted in boot, files, and memory, and way more, fuck, this really was a mother.. I added every possible feature I could think of. Ofcourse it was extremely badly written, but hey, it was my first virus, and I had absolutely no sources to learn from.

How many and which viriis did you write? Which do you like best? Why?

I wrote heaps of 'em, but many never got finished.. Some are:

-Gwar & Messev: Gwar was a full stealth variable encrypted bootvirus that Messev, a full stealth variable encrypted COM/EXE virus would drop. This 'package' was inspired by AntiTel/Kampana.

-Pinhead: MBS/BS/COM/EXE full stealth. This was more like a coding exercise (the thing was under a K). Actually, nowadays I
can do alot more with those same 1000 bytes..

-Chloride: MBS/BS/EXE-header, full stealth, I wanted to code a small virus that was able to propagate very quickly and unnoticed.

-Widowmaker: MBS/BS/COM/EXE slow polymorphics, full stealth, pretty much every feature I could think of at the time.

-Candyman: Inspired by Mirror.4130, makes it seem all COM/EXE files are infected with it by using the reverse of redirection stealth.

-Soulfly: Full stealth COM/EXE variable encrypting. I needed a stable DOS virus that would work in 9x DOS boxes aswell.

-HLLP.Deftones: A stupid 'resident' prepending DOS EXE infector, this was only written to demonstrate how to infect in Win32 using a new technique (the one Win32.PrettyPark now is using).

-Total Chaos: MBS/BS full stealth, variable encrypted, stealths at hardware level using INT 76h, a la Strange. And it's also a real bitch to remove from infected systems.

-Win32.Krized: PE 9x/NT global resident, polymorphic. My latest virus written for spreading purposes.

-Win95.Altar: A dumb VxD PE infector, only written to get aqainted with 32-bit VxD's. I consider VxD's to be obsolete anyways.

-Carcass: EXE full stealth, this one hides in the BIOS and patches the DOS kernel in both DOS and Windoze with a JMP_Virus_ISR.

-Win32.NetWorm: A simple worm that infects Internet hosts running NetBus servers.

Of these I like Win32.Krized the most, as it's very stable, and not too badly written.

How do you name your viriis?

Depends, sometimes I pick a name I find sound funny, or scary, or cool, shocking, controversial, etc.. Anyways, at the end it's CARO that names your virus so nowadays I usually don't even bother putting a name in.

How do you spread your viriis?

Normally via Usenet and spreaders. Spreading (if you wanna do it good) takes as much, if not more, effort than actually writing the bitch. Unfortunately lately I haven't been that good at spreading at all :(

Do you prefer a specific type of viriis? Which virus(es) do you like best?

I like 'super-virii', such as Natas and Hare. Win95.SK is aswell a real masterpiece, seldom I see code of such high quality...

What E-zine you most of all like?

There's no zine I really *like*, but I can dig.. umm.. nah, 29A started to get bloated in issue #3, and especially in #4.

Which AV product do you like best and why? Which do you piss off most?

Well, I don't really use any AV's.. If you don't run strange cracks or jpg2exe'd pr0n pictures then you don't need to ph33r virii anyways..

When I need to help someone else out tho, It's always F-Prot, it detects alot of virii, and I especially like its exact identification.. (even tho it often doesn't seem to be as exact as it claims to be).

The AV that annoys me the most would be McAfee's, mainly because it's the most overrated AV ever. The average Joe assumes it's a good scanner, which, it is not (why am I caring about this while being on this side of the fence? oh well..).

What viruswriting you most of all respect?

What viruswriter? The ones that write em for spreading purposes instead of just to increase their ego by publishing em in zines.. My favourite authors are Priest, Dark Avenger, Demon Emperor, and Neurobasher.

What do you think about virus generators?

Great concept, now everyone can create it's own nukes without even having to know a single line of assembler. However, if you use one and call yourself a coder, you're drop dead lame. Of all generators, NRLG seemed the best, then again I haven't looked at that many.

What do you think about poly engines? Which do you like best?

People are cranking-out poly engines like maniacs, just so Cicatrix can shove yet another 3 letter acronym on his Engine list.. But do they really serve a purpose nowadays? I think not..

Anyways, from the old engines, DAME was very good, and the engine of Natas aswell, TPE's decryptors are very variable, and I liked the idea of SMEG; using tables to generate complex garbage. Oh, and the concept of register tracking introduced by Uruguay was also quite smashing :).

What do you think about destructive viruses?

Virii were originally created to punish the user (see Brain), so I don't really see a reason why I should break the tradition. Also, who's gonna give a fuck if they're infected with a harmless virus, they run Scan over it and it's gone; "*yawn*, caught some stupid virus yesterday, can't even remember it's name". However I doubt if anyone will ever forget his CIH infection.. Besides, I hate it if the AV would call my virii "silly" like they do with all harmless virii, none of my virii have ever been called silly, if you know what I mean :)

How did Immortal Riot start?

MM and TU wanted to get ph33red by the warez puppies I believe :P Somewhere in '93. However, I didn't join until around 1,5 years ago.

How is it organized?

Absolutely not! I'm the only, sorta active member, there's CaptZer0 but he dun code much.

How release IR e-zine #9?

There's lack of content, we've only got a handful of sources, and I really don't wanna participate in releasing a zine that's full of collaborator stuff.

How would you consider the perfect virus?

Xtianity could be called the perfect virus, it spreads like wildfire across the globe, it's almost impossible to remove, and destructive by slowly corrupting it's host's mind..

Your plans in the future as coder and in general?

Hmm.. I don't see myself as having a future really..

Where can you be reached ?

I can be emailed at T2000_@hotmail.com, however, every mail even remotely saying "teach me how to write a virus" will be ignored.

Any greets?

No, I don't need to keep my friends by greeting them every 3 lines..

Any final word?

Nope.