Interview with SpTh (Second Part To Hell) www.spth.de.vu =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- +=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=+ | This interview was made through mail by DvL for .: BZ #1 :. | +=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=+ DvL: Hy! Tell us something about you(hobby, music, how old r u ...). SpTh: Hy! OK, I'm a 16 years old guy living in Styria, that's a part of Austria. In my oppinion, that's a very beautiful country and I'm happy about living here. My hobbies are writing computerviruses (but I think you know it :D) and other virus related tools. Beside of computer and viruses my hobbies are meeting friends and do some shit things together (like drinking alcohol or whatever). My favorite music is KoRn, Slipknot, Alice Cooper, ACDC, Uriah Heep, Slayer, Nirvana, Boeze Onkelz, Machine Head, Black Sabbath, and so on... DvL: When did u entered the vx-scene and what was your first virus ? SpTh: I began my "career" in the scene in march 2002, with starting to write my Batch Worm Generator, but I wrote viruses long time before (only silly trojans). The first maleware I made was Trojan.Snooby in November 2000. It was only a very lame QuickBasic program deleting everything in c:\ and c:\windows. Because of my stupidness at that age I spread the thing (i've collected eMail address, and I had about 500 ones). Some weeks after that I noticed, that Trend Micro (AV) detected the thing. Since then I've started to write more viruses. DvL: What languages do you use and which one is your favorite ? SpTh: Starting writing viruses I've used much QuickBasic for my programs like the BWG and only Batch for my viruses. After discovering much techniques in Batch (like encryption or polymorphism) I desided to learn something else. About 8 month ago I've learned JavaScript and VisualBasic (for my programs). That time I've made a program called JavaScript Generator, which was the first JS-VCK ever. And about 2 month ago I've tried to make Assembler viruses. Beside of viruses I also know a little C++ and Pascal. I also know VBS, but I've never used it, and I also won't use it any time in the future for viruses. DvL: Do you have a girlfriend/relation-ship ? SpTh: No, currently I don't have a girlfriend (it's hell to go to a party with and much nice girls, and you know, you have a girlfriend - the opinion of an 16 years old boy :D ). But i some of my best friend are girls. DvL: Your family/friends know about your vx activity ? SpTh: My father and my mother knows it, but they don't care, because I've told them it's not illegal to write viruses without spreading. And some of my best friends know it (some of them also helps me with some things). DvL: Why do you create virii ? Is it for fame, or is it a hobby, a job u like to do ? SpTh: When I've started writing viruses I've did it, because viruses were a mystery for me. Now I'm doing it because it's a hobby, and you'll learn much things while writing viruses (maybe about the OSes or about the computer language). I also do it because of the fame, because is you make some good viruses or viruses-related tools or writing some good articles about techniques you discovered, and you contribute it to some good zines, much people know about your knowlegde and so on. Maybe I'm also doing it because of a job, because I want to work some years in the future in a security company ;). DvL: Who are your best vx friends ? How about the enemies ? Spth: I've much friends from the scene. For instance philet0ast3r, Vorgon, SAD1c, Arzy, VirusBuster, Necronomikon, VorteX, Worf, Gigabyte, YOU ;)... the list will be endless. A cool thing is, that I'll meet philet0ast3r and some other from rRlf in real life in june 2003 (that's in 2 weeks :D). I don't really have any enemies, there are just some people, which don't respect my works. But I don't care, I also don't respect there works ;) DvL: If u will ever get married, will u quit the scene ? SpTh: At my current point, I won't quit, because writing virus is no crime. But maybe in ten years i'll think different. So I can't give you a useful answer this time. DvL: What are you future plans in the vx-scene ? A new language to learn maybe ? SpTh: As I've already told you, I'm learning ASM (Win32ASM). My current point of knowlegde is, that I'm able to write a simple overwriter ;). But asm is for sure the best virus-language in the computer-world, and because of that I want to learn much more about it. When I'm better in coding asm, I want to make a asm32-VCK (better than SnakeByte's "New Generation Virus Construction Kit" :D). That's all for the moment. You may think, that's not much, but learning asm is really hard, because of that I don't have much other plans for near future. DvL: Have you ever been hacked or infected ? SpTh: I've never been hacked by somebody, also i don't have a "Anti-Hacker" program at my computer. But I've become infected about 1.000 times, most times by my one viruses. About 99% of my infections happend, because I tested one of my one virus, and i forgot to delete it, or the infected files, or the copy of it in the autostart ;) But that was no really problem, because i nearly never include any type of payload. The most silly thing I ever did was downloading VBS.NewLove and run it. After doing that, every file at my computer (about 25.000) were a .vbs with size of 0 Bytes. ;) DvL: Do you consider BATch as lame ? Why ? SpTh: No, I don't think so. If you don't ripp things from other or include techniques that you can see in 1.000.000 other viruses, it will be make sense to write such viruses. I think, that batch is the beginner language for very much vxers. And most of them upgrate to higher languages after some time (i wrote batch for about one year). DvL: Who can be called a lamer ? SpTh: People, which steal the source of a virus or tool, change some no-important things, and tell everybody, that it's there one virus/tool. Two weeks ago I got a mail by kefi telling me, that a person copied my BWG source, changed some display-messages and released the thing at his homepage with the message, that it is his one tool. Such people are really lamers. DvL: Do you think virii making is dying ? SpTh: No, as long as computer live, as long viruses will live. The problem is, that much good coder left the 'scene'/stopped writing viruses. Much people talking about "dying of the scene/virus making", but most of them mean discovering new techniques. And that's true: Last two years much coders stopped discovering new things. But I think/hope that there will be other virus writers, which continue doing that. DvL: Do you think that too many scripts and too many lamers suround the vx scene ? SpTh: There are much script-writers out in the world, but i think, if they discover new things in that language, it will be ok. But the point is, that the most standart things in scripts are already discovered. In my oppinion, lamers are no part of anything. They are just wasting hours, while copy/paste code of other real coders and hoping, that the shit will work. They aren't really in the scene. DvL: Are virii a method of revenge ? SpTh: There are much codes around the world, which contains some fuck-messages to some people (for instance G. Bush | O. Bin Laden | B. Gates (i don't know the reason) etc.), but I think, nobody cares what's the message in any bugged virus in the world. ;) DvL: Do you like dangerous virii payloads ? SpTh: No, i don't like dangerous payloads. There are some reasons for it: The most payloads are already used in much other viruses, and it's lame to copy the payload of an other virus. Reason two is, i don't spread my viruses, and because of that a payload would be senseless. The only virus with payload i like is the CIH-virus, because it's a hardware-payload (it kills te flash-bios-chip). There are some other viruses with hardware-payloads (like destroying the printer or the screen , DOS-viruses), but in new win32 OSes, it's not possible to make something. DvL: What is your favorite zine or mag ? SpTh: There are much magazines I like (i've downloaded every ezine that i could find). My favorite ezines are CodeBreakers, iKx, 29A, Matrix, VX-Tasy (by Lord Julus), rRlf (hehe...), b0, coderz.net, *-zine, ebcvg, Line Zer0 and VDAT (don't know, if it's a real eZine). That's everything i think. DvL: If u would be caught, after that, will u create any new virii ? SpTh: I won't be caught, because I don't do anything illegal (I don't spread viruses) ;). But maybe Austria's law will be changed and I will be caught. I don't know, what to do after that. It would be hell after writing viruses. DvL: What's your favorite AV and why ? Which do you think is lame, why ? SpTh: My totally favorite AV is KAV, because they detect my viruses with the real name, and they regularly visit my homepage (about every 2 days). I think, they are the only AV company, which is able to detect all viruses from my BWG and from my JSG. They are also the only company which is able to encrypt my Batch "set encryption". A very lame program is AVPE (a german freeware virus scanner), because they are not able to detect anything from my BWG. And i don't want to talk about detection of my Batch encryption ;). I also don't like Norton AV, because the program is very slow and they've never looked at my homepage. A really good scanner was Dr. Solomon, but i think, they stopped there AV program. DvL: How do you see the life without virii, a perfect world maybe ? SpTh: A world without computer viruses would be hell. And if they would not exist, I'll discover writing viruses. ;) DvL: Greetz and 10x, last words[ i'm not killing you :) ] ... SpTh: Much thanks for leting me introduce myself and tell something about me. ;) Now I want to send some greeting-letter out to the world: - philet0ast3r - Vorgon - SlageHammer - VirusBuster - SAD1c - VorteX - Worf - Alcopaul - jackie - Arzy - Necronomikon - Nekr0 - Gigabyte - Metal_ - VxF - PakBrain - Belial - Malfunction - Tim Strazzere - SnakeByte - TRNEY - Kefi - Industry - Energy - PetiK - Brain Perl - GigaByte - Ratty - [K] - mgl - Zed - herm1t - Positron - YOU[DvL] ... I hope, i didn't forget anybody. Interview with SpTh (Second Part To Hell) www.spth.de.vu =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- +=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=+ | This interview was made through mail by DvL for .: BZ #1 :. | +=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=+ 27.05.2003, Romania