What Happened Here?

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View
What happened to this group.  Even with my filtering turned off, there
haven't been in any posts here for many, many days.  This used to be
very active group as of a month ago or so.

Re: What Happened Here?

tomt@whoreallycares.net formulated on Sunday :
Quoted text here. Click to load it

Funny, the group is here yet the participants are gone. Years ago (or
is it decades now) this place was hoppin'.



Re: What Happened Here?


Quoted text here. Click to load it
Maybe a Virus got all of them  LOL



Re: What Happened Here?

"FromTheRafters" wrote:

Quoted text here. Click to load it

I'm here, so if someone wants to post an interesting technical problem
or discuss malware analysis I'm all ears (eyes). Malware removal can
be left to (and is best done on) the forums.

Quoted text here. Click to load it

Same with most newsgroups. It's only a few specialist tech groups, not
the alt.* hierarchy, that have any real traffic. The web2 generation
don't even know Usenet exists. They're too busy having their personal
data harvested on the TwitBook social networks.



Re: What Happened Here?

Ant wrote:
 
Quoted text here. Click to load it

Who wants to discuss malware analysis and get shit upon by everyone when
they admit to using anubis instead of wireshark?

It's that kind of bullshit that turns people away.

Re: What Happened Here?

"Virus Guy" wrote:

Quoted text here. Click to load it

Yeah, I thought that was a bit unfair but, as was later pointed out,
your manner sometimes rubs people the wrong way.

For some reason (probably I was busy with something else) I didn't get
involved with that thread but did briefly examine the malware
(Label_Copy_UPS.exe) and found it to be similar to something I'd seen
before so didn't pursue it. Just so you know, it's a downloader and
the previous sample installed a fake security program and what looked
like a password stealer.



Re: What Happened Here?

Ant formulated on Sunday :
Quoted text here. Click to load it

I agree. Especially since hijackthis and other such logging tools are
really helpful yet are mostly unwelcomed here. I was hoping the
'antivirus future mode' thread would develop into something. I like the
discussion aspect better than the helpdesk aspect of the group.
Quoted text here. Click to load it

:D



Re: What Happened Here?

On Sunday, December 2, 2012 5:08:02 PM UTC+2, FromTheRafters wrote:
=20
Quoted text here. Click to load it

Yeah right, says he.  All ears but as soon as somebody disagrees with him h=
e'll get shit on.

To answer the OP, one reason this group is dead is that I've only been lurk=
ing.  I could spice things up and start posting again, but my fertile mind =
is engaged with other bullshit at the moment.  One pet project of mine:  us=
e the GOF strategy pattern known as MEF to allow a noob (like Dus t bin) to=
 'drag and drop' parts of a virus / malware (from a family tree or menu of =
such badware) to build a 'designer virus'.  Using .NET it would compile an =
executable that would in theory be a zero day vector.  I am however researc=
hing the legal issues and there's lots of ambiguity out there.  For instanc=
e, besides a consent form for no liability, I would have to cripple the exe=
cutable so that it does nothing except evade detection by the antivirus pro=
grams--nothing more than that, as this is an academic exercise.  Also I wou=
ld imagine if I can think of doing this it must have already been done by m=
ore clever minds than mine--there must be a 'design your own badware' kit o=
ut there, that in theory can generate a 'new virus' every time by simply re=
compiling the code so it has a different hash signature.  Anybody?

RL

Re: What Happened Here?

RayLopez99 wrote:

Quoted text here. Click to load it

It is very likely that the reason for lack of interest in this group is
linked to the personal flames that you and many others continue to
post.I remember when I was younger and someone encountered your
behavior in a public place they were asked to "Take it outside". If you
had the interest of helping others, as your reason for posting, it may
actually bring some interest back.

Just my .02 cents.

--
Sir_George

Re: What Happened Here?

On Sunday, December 2, 2012 6:32:17 PM UTC+2, Sir_George wrote:
Quoted text here. Click to load it

FU old timer.

Quoted text here. Click to load it

This is hardly a public place in the traditional sense of the word, but thanks
for your two cents.

RL

Re: What Happened Here?


Quoted text here. Click to load it


Obviously a lame troll for me here. :) I've been retired from VX for
nearly 13 years. You're still playing catchup. You've yet to write one
functional virus. You can't even explain how Irok, a prepender,
functions. Using .net huh? What happened to c++ or assembler Ray? Quit
reading the book did you?

So please, you aren't likely to be making a "designer" virus anytime
soon. A designer trojan more likely. What a waste of time and resources.
You're still trying to learn how to write junk! Months later.

I could have already taught you this simple! stuff.. But, you need to
learn to spell first. It's Dustin. Your lord and master.

Quoted text here. Click to load it

a zero day what? You don't even have the terminology down.

Do you know how big your .net critter is going to be? Are you going to
cavity infect, append, prepend, overwrite, companionize..

What is your method of infection, Ray? :)

Quoted text here. Click to load it

All of mine had a safe infect feature. 13+ years ago, Ray. You're way
behind the times here with your scripto kiddo skills.

Quoted text here. Click to load it

recompiling the code? LOL!!!!!

Not all viruses are HLL and thus are not all compiled. Sections of IRok
were compiled, sections were assembled. it was all LINKED as libs/obj
files later to make the near final .exe. Then additional work was
performed on the .exe to turn it into "Irok!". ph33r.

You will be doing many of the same things with your .net virus. Aside
from obj files. But, the internal modifications will still need to be
done; if you intend to use any crypto or anything else cool.

My guess, It'll be 2015 or more before we see any self replicating code
from your dumbass. Case in point.. Simple question below:

Ray, how does irok, a prepender, infect files?


--
Notice: Changing the toilet paper roll does not cause brain damage.

Re: What Happened Here?

On Monday, December 3, 2012 1:00:36 AM UTC+2, Dustin wrote:
 
Quoted text here. Click to load it
 
It's clear you have no clue Dustbin.  I told you no infection.  I'm talking
about the "Strategy" pattern in the Gang of Four design template.  And I don't
need to recompile after all it turns out, but that's off topic.

You really need to come up to speed with Object Oriented Programming.  I'm not
here to teach you, sorry.

RL

Re: What Happened Here?


Quoted text here. Click to load it

ROFLMAO. Ray, how does irok, a prepender, infect files?

You're working on a designer virus in .net. If it's to be a virus, it must
infect. that's really not optional. ROFLMAO.
 
Quoted text here. Click to load it

Uhh, yea.. okay. [g]


--
Notice: Changing the toilet paper roll does not cause brain damage.

Re: What Happened Here?


Quoted text here. Click to load it

Ray please be nice to Dustin because he may sound brash but there is the
occassional moment when he's nice.

Should we give him a chance and ignore his annoying bluster?

Jax
--
Bear Bottoms
http://bearware.info

Re: What Happened Here?

On Sun, 2 Dec 2012 23:00:36 +0000 (UTC), Dustin

Oh, shit!  As I had said, I took my filters out of the line just to
make sure I hadn't screwed up and one of them might have been the
reason I wasn't seeing any posts in the group.  Unfortunately, I again
have to read a post by the shit-talker.  I'll bet the "retired"
criminal virus writer is one of the main reasons this group is on its
way to extinction.  It's really sad that there are some who not only
tolerate, but engage in conversation, with this criminal.  

Excuse me while I refilter.



Re: What Happened Here?

4ax.com:

Quoted text here. Click to load it

LOL!!!!

Thanks for filtering.


--
Notice: Changing the toilet paper roll does not cause brain damage.

Re: What Happened Here?

tomt@whoreallycares.net wrote in

Quoted text here. Click to load it

You haven't been seeing any posts because there haven't been any.

Quoted text here. Click to load it

You didn't need to remove me from your filters. I have nothing to do
with the lack of posts here. Viruses just aren't the big thing anymore.
I think the world has moved onto more important things, than some
viruses a person wrote 12+ years ago.

What's really sad is your inability to let go of the past. I was one of
many virus writers. Mine were really no big deal in the grand scheme of
things. It was never criminal to write them, btw.
 
Quoted text here. Click to load it

I'm sorry you have a need to hold a grudge with me for things I've done
a very long time ago. I don't participate in those activities anymore
and have not done so in a very long time. I believe I've tried to make
good for some of the harm I caused with BugHunter and my time at
MalwareBytes. I'm not the same vengeful prick I was in the 90s/early
2000.

I won't sit here and try and convince you or anyone else that I've
changed. Words alone mean nothing. Instead, I invite you to check on my
work itself. You'll find nothing malicious authored by me since the year
2000 and you never will beyond that year.

--
Notice: Changing the toilet paper roll does not cause brain damage.

Re: What Happened Here?


Quoted text here. Click to load it

*sigh*... nice misspelling isn't it? [g]



--
Notice: Changing the toilet paper roll does not cause brain damage.

Site Timeline