Approaching Zero, Paul Mungo [good summer reads TXT] 📗
- Author: Paul Mungo
- Performer: -
Book online «Approaching Zero, Paul Mungo [good summer reads TXT] 📗». Author Paul Mungo
degrees of success. It became something of a fad among computer freaks in Sofia
and other Bulgarian cities in the late 1980s. There was, of course, no
“factory” in the usual sense of the word—just a group of young men (they were
all male), probably unknown to each other, who had learned the tricks of
writing viruses through the techniques perfected while stealing Western
software.
The value to Bulgaria of all the virus-writing activity was negligible. Though
the programmers who compiled the bugs were, no doubt, honing their skills, and
some of the viruses demonstrated a cleverness and technical dexterity that may
have been admirable, viruses simply do not have any productive purpose. Indeed,
Fred Cohen—the man who coined the term “computer virus” in the first place—
once tried to find a role for them and organized a competition to write a
beneficial virus. None was found.
In any event, in late 1990 and early 1991, Bulgaria itself, no longer
Communist and not quite democratic, was going through an identity crisis.
Public confidence in the government, in state institutions, and in the currency
had evaporated, to be replaced by a deeply cynical, almost anarchic national
ethos. Bulgaria had become a country of shabby, small-time dealers, of petty
blackmarketers and crooked currency changers. The symbols of the
immediate past, of the near half-century of Communism, had been pulled down;
little had been erected in their place. But the computers that President
Zhirkov had decreed would turn Bulgaria into a modern technological power
remained, and indeed offered themselves to the new generation of computer
programmers as weapons to be turned against the state, to drive an electronic
stake through the heart of the system. Viruses would cripple Zhivkov’s dream.
In this gray time of shortages and rationing, of cynicism and despair, writing
viruses was a sort of protest—perhaps against the Communists, possibly against
the transitional state, almost certainly against the lack of opportunity and
hope. Writing viruses was a form of individualism, of striking out; it was also
an opportunity for notoriety.
Since 1988 the Bulgarian virus factory has produced around two hundred new
viruses. Most have yet to travel; only a few have reached the industrialized
West. The scale of the problem may not become apparent for several years.
Some of those who created the viruses are known, some aren’t, but the greatest
threat is Bulgaria’s most proficient and fearsome virus writer: the Dark
Avenger.
The man who was to become known as the Dark Avenger began work on his first
virus in September 1988. “In those days there were no viruses being written in
Bulgaria, so I decided to write the first,” he once said. “In early March 1989
it came into existence and started to live its own life, and to terrorize all
engineers and other suckers.”
The Dark Avenger had started work on the virus known as Eddie just weeks before
Teodor had sat down to write the first of what became his Vacsina-Yankee Doodle
series. Teodor’s virus was ready first, but the Dark Avenger’s bug was much
more malicious and infective. “It may be of interest to you to know that Eddie
is the most widespread virus in Bulgaria. I also have information that Eddie is
well known in the U.S.A., West Germany, and Russia too,” the Dark Avenger once
boasted.
The Dark Avenger likes to leave teasing references to his identity in his
viruses. As in the Eddie virus, he sometimes “copyrights” his bugs, and often
gives Sofia as the source. The text strillg DIANA P. was assumed to be a
reference to his girlfriend, except that Diana isn’t a particularly Bulgarian
name. It’s now belicved to be a reference to Diana, Princess of Wales.
The Dark Avenger also likes heavymetal music: the other text string in his
first virus, the mysterious EDDIE LIVES …, apparently refers to the
skeletal mascot, Eddie, used by the British heavymetal group Iron Maiden in
their stage act. Heavymetal symbols and motifs run through many of the other
viruses written by the Dark Avenger. A family of perhaps twenty or more viruses
can be attributed to him, all technically advanced, most deliberately malicious, some containing text strings that use the titles of Iron Maiden
tracks: “Somewhere in Time,” “The Evil That Men Do,” and “The Good Die Young.”
His viruses also mimic the posturing Satanism of heavymetal music. His Number
of the Beast virus (the name is yet another reference to an Iron Maiden song)
contains the 3-byte signature “666,” the mystical number believed to refer to
“the beast,” the Antichrist in the Book of Revelations.
Perhaps appropriately, of all the viruses attributed to the Dark Avenger,
Number of the Beast is considered the most technically accomplished. A stealth
virus, it exploits an obscure feature of the standard PC operating system to
evade detection and hide in unused space on program files so that it doesn’t
change the length of the host file. Oddly, the virus doesn’t have a payload,
though its mere presence on a PC is likely to cause it to crash.
The Dark Avenger has produced four versions of Eddie and six versions of Number
of the Beast, as well as four variants of a virus called Phoenix and four of
another one known as Anthrax (the name of an American heavymetal group). He is
also generally believed to have written Nomenklatura, the virus that attacked
Britain s House of Commons library, principally because the bug is technically
sophisticated and vicious and employs techniques that have been seen in his
other viruses. In a way, the Dark
Avenger has become so well known that any particularly destructive and clever
Bulgarian virus will almost automatically be attributed to him. The alternative
is too dire for the computer security industry to contemplate.
The Dark Avenger’s fame was evident from the response to his calls to the
world’s first “virus exchange” bulletin board, which was established in Sofia
by twenty-year-old Todor Todorov on November 1, 1990. The idea was eventually
copied by others in Britain, Italy, Sweden, Germany, the United States, and
Russia, but Todorov was the first. The board describes itself as “a place for
free exchange of viruses and a place where everything is permitted!”
Todorov built up a large collection of viruses after callers learned of his
exchange procedures.
IF YOU WANT TO DOWNLOAD VIRUSES FROM THIS BULLETIN BOARD, JUST UPLOAD TO US AT
LEAST 1 VIRUS WHICH WE DON’T ALREADY HAVE. THEN YOU WILL BE GIVEN ACCESS TO THE
VIRUS AREA, WHERE YOU CAN FIND MANY LIVE VIRUSES, DOCUMENTED DISASSEMBLIES,
VIRUS DESCRIPTIONS, AND ORIGINAL VIRUS SOURCE COPIES! IF YOU CANNOT UPLOAD A
VIRUS, JUST ASK THE SYSOP [SYSTEM OPERATOR] AND HE WILL DECIDE IF HE WILL GIVE
YOU SOME VIRUSES.
The Dark Avenger made his first call on November 28, 1990, four weeks after the
bulletin board was set up. I’M GLAD TO SEE THAT THIS BOARD lS RUNNING, he wrote
Todorov. I’VE UPLOADED
A COUPLE OF VIRUSES TO YOU. I HOPE YOU WILL GIVE ME ACCESS TO THE VIRUS AREA.
To which Todorov replied, THANK YOU FOR THE
UPLOAD. YOUR SECURITY LEVEL HAS BEEN UPGRADED … AND YOU HAVE ACCESS TO THE
VIRUS AREA NOW. IF YOU FIND ANY OTHER VIRUSES, PLEASE UPLOAD THEM HERE.
When it was learned that the Dark Avenger frequented Todorov’s bulletin board,
other users began leaving messages for him.
HI. DARK AVENGER! WHERE HAVE YOU LEARNED PROGRAMMING?
AND WHAT DOES EDDIE LIVES MEAN? AND WHO IS DIANA P. ? IS SHE YOUR GIRLFRIEND OR
WHAT? The queries were from Yves P., a French virus writer. Free Raider posted
his salute on December 9th: Hl, BRILLIANT VIRUS WRITER. Another message said,
Hl, I’M ONE SYSOP OF THE INNERSOFT BULLETIN BOARD. SHOULD I CONSIDER MY BOARD
NOT POPULAR BECAUSE YOU DON T LIKE TO CALL IT? PLEASE GIVE IT A CALL.
The messages from his fans reflected the Dark Avenger’s new status: he had
become a star. In the two years since he created Eddie, he had become the
computer underworld’s most notorious virus writer. He had established a brand
identity: the Dark Avenger’s viruses were known to be the most destructive and
among the best engineered ever seen. His fame, as he knew, had spread
throughout Europe and to North America as well.
So it’s not surprising that he wanted to be treated like the star he was, and
reacted badly to criticism. In March 1991 he sent the following message to
Fidonet, the international bulletin board network: HELLO, ALL ANTIVIRUS
RESEARCHERS WHO ARE READING THIS MESSAGE. I AM GLAD TO INFORM YOU THAT MY
FRIENDS AND I ARE DEVELOPING A NEW VIRUS, THAT WILL MUTATE IN 1 OF
4,000,000,000 DIFFERENT WAYS! IT WILL NOT CONTAIN ANY CONSTANT INFORMATION. NO
VIRUS SCANNER CAN DETECT IT. THE VIRUS WILL HAVE MANY OTHER NEW FEATURES THAT
WILL MAKE IT COMPLETELY UNDETECTABLE AND VERY DESTRUCTIVE! Fidonet may not have
been the best outlet for his boasting: its users are mostly ethical computer
enthusiasts. The Dark Avenger received a flood of replies, from all over
Europe. Most were critical; some were abusive. The Dark Avenger replied
testily, I RECEIVED NO FRIENDLY REPLIES TO MY MESSAGE. THAT’S WHY I WILL NOT
REPLY TO ALL THESE MESSAGES SAYING “FUCK YOU.” THAT’S WHY I WILL NOT SAY
IY MORE ABOUT MY PLANS.
At thirty-one, Vesko Bontchev is surprisingly young looking, thin and somewhat
frail. He is a serious man who speaks deliberately and intensely about the
virus problem in Bulgaria. He lives with
his mother in a shabby five-story 1950s block on a characteristically grim East
European housing estate on the outskirts of Sofia. The apartment is large by
Bulgarian standards: Vesko has his own room.
Although he is unassuming, it is apparent that he is proud of his reputation as
the country’s foremost virus fighter and of his contacts with other researchers
in the West. His position is ensured by his oddly symbiotic relationship with
the Dark Avenger, one that almost parallels his earlier relationship with
Teodor. Because the Dark Avenger lives in Bulgaria, Vesko’s position as a
lecturer and researcher is secure. At the same time, Vesko contributes to the
Dark Avenger’s fame by publicizing his activities abroad. In a curious way the
two need each other.
Cynics who have noticed this have argued that if the Dark Avenger hadn’t
existed, it would have been in Vesko’s interest to have invented him. Some have
even theorized that the two are one and the same: that the quiet, intense virus
researcher has an alter ego—the demonic, heavymetal fan, the admirer of
Princess Diana, the virus writer called the Dark Avenger. The Avenger has
himself contributed to the notion: one of his viruses contains Vesko’s own
copyright notice, and every so often he teases Vesko. Once, the Dark Avenger
wrote: “To learn how to find out a program author by its code, or why
virus-writers are not dead yet, contact Mr. Vesselin Bontchev. So, never say
die! Eddie lives on and on and on …”
In an interview in a Bulgarian newspaper, Vesko was asked about the rumours.
“Can you give me the name of Dark Avenger?” the reporter queried.
“No.”
“Is it possibly you?”
“I have been asked similar questions both in the West and in the Soviet Union.
But it is not true.”
Despite the rumors, Vesko isn’t the Dark Avenger—but he does provide the
oxygen of publicity for the Bulgarian virus writer. It suits them both: for
Vesko, the Dark Avenger provides the raw material for his reports; for the Dark
Avenger, Vesko’s watchfulness ensures his own reputation as the demonic
scourge of computers.
The two young men—the hunter and the outlaw—are locked in an unfriendly
embrace. The relationship between the two is one of mutual distrust, which
neither attempts to disguise.
Comments (0)