------------------------------

From: Various
Subject: The CU in the News
Date: January 22, 1991

********************************************************************
***  CuD #3.03: File 4 of 4: The CU in the News                  ***
********************************************************************

From: Anonymous
Subject: Bulgaria and Computer Viruses
Date: 12-20-90 2253EST

  "BULGARIA'S LEADING HIGH-TECH EXPORT APPEARS TO BE COMPUTER VIRUSES"
                From the New York Times, by Chuck Sudetic

SOFIA, Bulgaria -- Bulgaria has become the breeding ground of some of the
world's most lethal computer viruses, programs that are maliciously
designed to spread through computer memories and networks and at times
destroy valuable stored information like bank and medical records.

"We've counted about 300 viruses written for the IBM personal computer; of
these, 80 or 90 originated in Bulgaria," said Morton Swimmer of Hamburg
University's Virus Test Center, who specializes in diagnosing and curing
Eastern European computer viruses.

"Not only do the Bulgarians produce the most computer viruses, they produce
the best."

One Bulgarian virus, Dark Avenger, has infected American military
computers, said John McAfee, who runs the Computer Virus Industry
Association, which is based in Santa Clara, Calif., and tracks viruses for
computer hardware and software companies.

"I'm not saying that any super-secure computers have been infected," he
said. "But the U.S. Defense Department has about 400,000 personal
computers, and anyone who has that many machines has a 100 percent
probability of being hit."

"It is causing some people in sensitive places a lot of problems," a
Western diplomat here said, "and they are very reluctant to admit they have
them."

"I would say that 10 percent of the 60 calls we receive each week are for
Bulgarian viruses, and 99 percent of these are for Dark Avenger," McAfee
said, adding the virus has also attacked computers belonging to banks,
insurance and accounting companies, telecommunications companies and
medical offices.

"I've had a lot of calls from Frankfurt," Swimmer said. "One bank was very
nervous about it, but I can't reveal its name for obvious reasons."

Several experts say the spread of the Bulgarian viruses is less the result
of activities by the secret police than it is the consequence of having
developed a generation of young Bulgarians whose programming skills found
few outlets beyond hacking interventions.

A decade ago, this country's Communist leaders decided to make Bulgaria an
Eastern-bloc Silicon Valley, Vesselin Bontchev, a Bulgarian computer
specialist, said.  Bulgarian factories began turning out computers, and the

government introduced them into workshops, schools and institutes.  Many
computers, however, stood idle because people did not know how to apply
them or lacked an economic interest in doing so.

"People took office computers home, and their children began playing on
them," he said, adding that buying a private computer was almost
impossible.

These children quickly acquired software-writing skills, but had little or
no chance to apply them constructively, he said.

They began bootlegging copyrighted Western software, especially computer
games, by overriding devices written into the software to prevent it from
being copied. Then they started altering the operating systems that drive
the computer itself.

"From there it was one small step to creating viruses that attack files
when they are acted on by the operating system," he said.

Bontchev estimated there are only about a dozen young Bulgarian computer
programmers who have written the viruses that have caused all the trouble.

"Computer hackers here write viruses to show who is who in computer science
in Bulgaria, to find a place in the sun," said Slav Ivanov, editor of a
Bulgarian computer magazine. "The young computer people just don't rank in
our society. They don't receive enough money."

The average wage of a software writer in Bulgaria is about $30 a month,
Bontchev said.

One virus designer, however, acknowledged that revenge was also a factor.

"I designed my first computer virus for revenge against people at work,"
said Lubomir Mateev, who helped write a non-destructive virus known as
Murphy, which shares many of Dark Avenger's tricks.  "Our first virus made
all the computers at work send out a noise when they were switched on."

Mateev, 23, said he collaborated with Dark Avenger's designer last spring
on a new virus that is harder to diagnose and cure because it is
self-mutating.

"Dark Avenger's designer told me he would take a job as a janitor in a
Western software firm just to get out of Bulgaria," he said. Attempts
during several months to get in touch with Dark Avenger's creator proved
fruitless.

For now, Bulgaria's computer virus designers can act with complete legal
immunity.

"We have no law on computer crime," said Ivanov, whose magazine offers free
programs that cure known Bulgarian viruses.  "The police are only
superficially interested in this matter."

Bulgaria's secret-police computers have also been infected, said a
well-placed Bulgarian computer expert, who spoke on condition of anonymity
and refused to elaborate.

Dark Avenger has also spread to the Soviet Union, Britain, Czechoslovakia,
Poland and Hungary, Bontchev said, adding, "I've even had one report that
it has popped up in Mongolia."

"The Dark Avenger is the work of a Sofia-based programmer who is known to
have devised 13 different viruses with a host of different versions,"
Bontchev said. "He is a maniac."

Bontchev said he was almost certain Bulgaria's government was not involved
with Dark Avenger.

"A computer virus cannot be used as a weapon because it cannot be aimed
accurately and can return like a boomerang to damage programs belonging to
the creator himself," he said. "It can be used only to cause random damage,
like a terrorist bomb."

Unlike less infectious viruses, Dark Avenger attacks computer data and
programs when they are copied, printed or acted on in other ways by a
computer's operating system, Bontchev said. The virus destroys information
every 16th time an infected program is run.

A virus can spread from one computer to another either on floppy disks or
through computer modems or computer networks, he said.  Many viruses are
spread at computer fairs and through computer bulletin-board systems where
enthusiasts exchange information over the telephone.

Legislation on computer crime will be introduced in Parliament once a
criminal code is adopted, said Ilko Eskanazi, a parliamentary
representative who has taken an interest in the virus issue.

"We are now seeing viruses emerging on entirely new ground in Eastern
Europe," Bontchev said.

"Things may get much worse before they improve," he warned.  "The first law
of computer viruses is that if a virus can be made, it will be. The second
law is that if a computer virus cannot be made, it will be anyway."

+++++++++++++++++++++++++++++++

From: [email protected]
Subject: Mitnick and DEC Conference
Date: Thu,  3 Jan 91 20:00:43 PST

         DECUS Bars Hacker: Meeting attendees focus on security
                             by Anne Knowles
           FROM:  From Communications Week December 24, 1990.

Las Vegas-While attendees of the DECUS user group meeting were busy
learning about DEC security, an infamous computer hacker was trying to
register for the Digital Equipment Computer User Society's Fall 90
Symposium.

Luckily for DECUS, the hacker was recognized by show personnel, who
refused him admittance.  DECUS contacted its lawyers and is now developing
a policy for dealing with such situations in the future, said bill
Brindley, president of the 30-year old user group.  In the interim, the
hacker was barred from the meeting.

DECUS is the organization for users of Digital Equipment Corp. systems and
ne tworks.  With 120,000 members worldwide, it is the largest user group of
its kind.  the group holds seminannual symposiums, week-long events of
daily seminars and hourly sessions on mostly technical topics concerning
its membership.

DECUS had never before been confronted by a hacker attempting to register
for one of its symposiums, Brindley said , though an attendee was evicted
from the show two years ago when he was discovered hacking.  DEC identified
this year's hacker as Kevin Mitnick, who is well-known to both DECUS and
DEC.  He is currently on probation after having been found guilty in
federal court of breaking into Easynet, DEC's internal computer network.
His probation stipulates that he not enter a networked system or one with a
modem, Brindley said.  During its symposiums, DECUS supplies networked
terminnals for attendee's use.  "It would have been logistically impossible
to restrict anyone [who had gained admittance to the show] from the
systems," Brindley said.

The article goes on to other items from this point, but this is the part
that deals directly with hacking.

********************************************************************

------------------------------

                          **END OF CuD #3.03**
********************************************************************

You are viewing proxied material from infinitelyremote.com. The copyright of proxied material belongs to its original authors. Any comments or complaints in relation to proxied material should be directed to the original authors of the content concerned. Please see the disclaimer for more details.