
Virus / Worm?


rufus777


I personally find virus/worm engineering a very interesting subject. But to create one, it takes a lot of time and knowledge.

Before you can create a virus/worm you must understand and have sound knowledge of how an operating system works from the inside out.

You need to be very proficient with a programming language if you wish to succeed in creating a computer worm.

Secondly, you need to ask yourself: what do I want to create a worm for, and what will it bring about? If I unleash the worm, what will the implications be?

If I had the knowledge and the know-how to create a worm, I would put it to good, not evil.


It's illegal to write intentionally malicious software in many countries.

And in others it is illegal to knowingly distribute malicious software.

One good thing though is that it usually isn't illegal to know how they work. I would suggest reading up old Virus Bulletin or old issues of 40Hex to learn about the basic principles of viruses and worms.


Guest Deleted_Account

As the other replies mentioned, writing a virus is a lot of work. I mean A LOT of work. I have written a handful of them (ranging from Trojans and worms to just plain old destructive viruses). They were all for testing and fun (wrote them in programming class) but they never left an isolated VM. I don't recommend even writing one unless you do isolate it. If it gets out you will be blamed. I did all of mine in Assembly but C++ and Java work as well. I wouldn't say mine were awesome but for the time they weren't bad. Kaspersky was the only AV that could detect it, when all the rest of the big names (Avast, Norton, AVG, etc.) missed it, so that goes to show how good Kaspersky is (or how bad my coding/obfuscating was :P).


As the other replies mentioned, writing a virus is a lot of work. I mean A LOT of work. I have written a handful of them (ranging from Trojans and worms to just plain old destructive viruses). They were all for testing and fun (wrote them in programming class) but they never left an isolated VM. I don't recommend even writing one unless you do isolate it. If it gets out you will be blamed. I did all of mine in Assembly but C++ and Java work as well. I wouldn't say mine were awesome but for the time they weren't bad. Kaspersky was the only AV that could detect it, when all the rest of the big names (Avast, Norton, AVG, etc.) missed it, so that goes to show how good Kaspersky is (or how bad my coding/obfuscating was :P).

I wonder what kind of techniques Kaspersky uses for detecting a virus. It must use other means besides pure signature-based detection, which to be honest is kinda useless if there is a new virus in the wild.


I wonder what kind of techniques Kaspersky uses for detecting a virus. It must use other means besides pure signature-based detection, which to be honest is kinda useless if there is a new virus in the wild.

Chances were that he was either following tutorials online or just coded part of it in a common way for viruses and one of Kaspersky's signatures covers variations of that part. It would have been interesting to see if it identified it as a general virus or a specific one.


Guest Deleted_Account

Chances were that he was either following tutorials online or just coded part of it in a common way for viruses and one of Kaspersky's signatures covers variations of that part. It would have been interesting to see if it identified it as a general virus or a specific one.

I should have worded it better. Kaspersky detected it as a "threat" or potentially unwanted program. It was the "behavioral" (heuristic) engine that caught it, not the signature engine. My virus was too "noticeable" and gave itself away. Basically KP saw it trying to do something (infect drivers) and called out saying "hey you shouldn't be doing that". In a manner of speaking =P


I should have worded it better. Kaspersky detected it as a "threat" or potentially unwanted program. It was the "behavioral" (heuristic) engine that caught it, not the signature engine. My virus was too "noticeable" and gave itself away. Basically KP saw it trying to do something (infect drivers) and called out saying "hey you shouldn't be doing that". In a manner of speaking =P

I knew it was some kind of behavioral (heuristic) engine. Wouldn't this kind of technique give false alarms at times?


Wouldn't this kind of technique give false alarms at times?

Yes, but then again so too does signature scanning. It is the difficult case of trying to reduce the number of false negatives and false positives, or to put it another way, AV that flags up too many files as viruses that aren't is just as bad as AV that doesn't flag up files that are viruses.

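Added example (not part of any post in this thread): a small Python sketch of the trade-off discussed above, comparing hash-signature matching with behaviour scoring at several alert thresholds. The behaviour names, weights, hashes and samples are all constructed for illustration and are assumptions; they do not describe how Kaspersky or any other AV product works.

```python
# Constructed placeholder signature database (not real hashes).
KNOWN_BAD_HASHES = {"hash-of-known-sample-A"}

# Hypothetical behaviour weights; real engines use far richer telemetry.
WEIGHTS = {
    "write_driver_dir": 5,
    "modify_other_executable": 4,
    "add_autorun_entry": 2,
    "open_network_socket": 1,
    "write_own_temp_file": 0,
}

# Constructed samples: (name, file_hash, observed behaviours, is_malicious)
SAMPLES = [
    ("known_old_virus", "hash-of-known-sample-A", ["modify_other_executable"], True),
    ("new_noisy_virus", "hash-unseen-1", ["write_driver_dir", "modify_other_executable"], True),
    ("new_quiet_virus", "hash-unseen-2", ["add_autorun_entry", "open_network_socket"], True),
    ("driver_installer", "hash-unseen-3", ["write_driver_dir", "add_autorun_entry"], False),
    ("chat_client", "hash-unseen-4", ["add_autorun_entry", "open_network_socket"], False),
    ("text_editor", "hash-unseen-5", ["write_own_temp_file"], False),
]

def signature(file_hash, behaviours):
    """Flag only files whose hash is already in the signature database."""
    return file_hash in KNOWN_BAD_HASHES

def behaviour_score(behaviours):
    return sum(WEIGHTS.get(b, 0) for b in behaviours)

def heuristic(threshold):
    """Build a detector that flags anything scoring at or above threshold."""
    return lambda file_hash, behaviours: behaviour_score(behaviours) >= threshold

def combined(threshold):
    """Signature match OR behaviour score over threshold."""
    h = heuristic(threshold)
    return lambda fh, b: signature(fh, b) or h(fh, b)

def evaluate(detector):
    """Return (false_positives, false_negatives) as lists of sample names."""
    fp = [n for n, fh, b, bad in SAMPLES if detector(fh, b) and not bad]
    fn = [n for n, fh, b, bad in SAMPLES if not detector(fh, b) and bad]
    return fp, fn

if __name__ == "__main__":
    print("signature only:", evaluate(signature))
    for t in (3, 6, 8):
        print(f"heuristic >= {t}:", evaluate(heuristic(t)))
    print("signature OR heuristic >= 8:", evaluate(combined(8)))
```

Lowering the threshold removes missed detections at the cost of flagging the legitimate driver installer and chat client; raising it does the reverse, and the signature check only helps for the sample already in the database.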
