interview with ergrone/gedzac by alcopaul

where do you live?
I live in Chile, Santiago.

do you have hemp in your place?
where I not live (in my house) but in the country there is much :).

how is the scene of the virus there in its area?
good the scene here not this very developed one, in fact they are few those that program virus or worms in this country (that I know). although years behind were made virus for the DOS the Chile Mediera and the FelizCumpleaños (in 1993) that was created by a student in the serene a city to the north of my country. http://www.ubik.to/vr/vr10/analisi.htm (Chile Mediera)

where did you get your handle?
I don't understand this question you could please make it in another way, my English is even very bad.

and why ErGrone?
a person that I knew, an anthropologist explained to me once Her is a word in Latin that humanity, and Grone means it Black (Negro=Black). a black humanity but to my way and without H jeje. a black humanity doesn't mean something bad, good that serious to enter in philosophy, in my philosophy and ufff he is to give at a lot of time jeje.

when did you first encounter computer viruses?
in the 90 I saw a Friday 13, and also to that of the ball virus of Boot (turin), I remind an antivirus TNT that eliminated the PingPong (that of Turin) that we called this way here it, and but he takes a long time I found with one of my favorite ones... The ChileMediera when I was 11 years old, all this product of being copying games and programs like the PcTools.

what was your first virus?
my first virus, mm, the truth is that I never made an infector (up to now), but the first time that tosses to run something was with a virus created with a generator to which tries to modify its code source to avoid the heuristic one. up to now alone he had made worms, so I can say that the first one that I work fairly well was that of the Droga Virtual.

what was your best virus?
Well the Duni or Dadinu (as they baptized him those of the Antiviruses) and it is not because it is something of another world but because it achieves the one made of bombarding the hotmail mail also that he has certain characteristics that people of the AV have not named.

what made you decide to enter the virus scene?
they always got me the attention those programs that moved without the user's permission, from the first time that I sat down in front of a computer I wanted to make something like that, either a worm or a virus and until logical bombs. Here in Chile very recently that the internet went accessible to almost all the people and therefore the information, before to be gotten a compiler cost a lot (alone he could find the damned one interprets of Basic), and a manual a lot but, the compilers and alone assemblers could be in universities, and me don't have that type of friends, it was even very boy. but what I really take myself to create a worm and but it takes virus it was that I understood that a virus is not so alone a program, is something that has life and depending of like let us endow its brain this it will be but intelligent. a virus is something that this alive one and that he sometimes dies or he sleeps.

what programming languages do you use?
Delphi, but now I am beginning to use the free software (LINUX) and I am studying C. I also understand something of ASM, but not I have programmed but that a protection anti softice in ASM.

how did you learn them?
with the test and error (as the animal, jejeje), and thanks to a tutorial to make keygens began to understand the delphi.

you're a delphi coder, right?
yes, the truth is that delphi accommodates a lot in W32 and it is very powerful and mainly when you join it with ASM.

what version of delphi compiler do you use?
the Ver. 2 and Ver. 6

how did you get your delphi compiler, via cd/installer or via the internet?
the version 2 me the gift a friend via internet, and the 6 got it pirated here in my country in a CD. here the piracy is ufff, until of clothes jejeje.

if via the internet, how long did you download the compiler from borland site?
the delphi2 you doesn't delay anything very little weight.

what books or readings would you recommend the aspiring delphi coders?
to read on cracking of softwares, as manufacturing a loader, as making a keygen. neither this other ones to debug some windows processes to go understanding ASM and the operation of the system to which we are invading. there is a very good book that this in Spanish calls you Guide of development delphi 5 written by Steve Teixeira and Xavier Pacheco. and also in the google putting Delphi Tutorial, they are you paginate very good that teach from 0.
http://www.hackerdude.com/courses/spanish/delphi/Cap010.2.html
http://www.latiumsoftware.com/es/pascal/
and many but.

i've seen descriptions of your worms and i think some of those way advanced than the other worms around.. :) can you tell us some of the worms that you coded and describe them? :)
on the worm CPL can say that this he sends every time that the infected user adds a new contact to his list of Messenger again. and that their end in to saturate mails and to occupy space in the Hard disk, and clearing to demonstrate that AVP is easy to disable without making a lot :P, everything is regulated in the registration and in its file avp.set. - now on something new, because it is a worm of shared resources that it carries an infector to the old jeje an infector appending, the mission of this project it is to disable antivirus, and to remember that there is another form of putting virus taking advantage of the fame P2P that I mean with this that before new roads the old ones technical they can be revived. (it seems that I said a lot of jeje)

what made you decide to code the cpl worm?
Well, the truth is that my intention was always to saturate hotmail, since microsoft you takes possession of the one. but because that extension. the cause is that it is a not very well-known and not used extension besides that passes this way as not very well-known for people non expert in the topic of the extensions, because common people as a lot this concerned one of not opening an EXE, PIF, BAT or COM and of course VBS, if has made the function so that he multiplied maybe for IRC he would have had but I impact, but as that route of the IRC this very exploited one preferred not to make it.

how did you code that one?
that as I code it. mmmm, if you refer then to structure he would not know how to define it, but let us be devoted to read on that it is truly a file CPL and like you can manufacture, after that I began to prove if this type of files contained some restriction type, and I realized that it didn't contain them. I also realized that from the iexplorer it was perfectly executable (I didn't seize from the old winfile), also you that if you install a CPL in the control panel it is executed with alone to visualize it (it depends of as you program it).

you're a member of the GedZac group right, which is i think a relatively new group... how did it all start?
good this group this very new one even, but he has members with a lot of capacity, among them the one that but I highlight and that he knows a lot it is Jtag, he has a project sensational jeje, God willing it finishes it soon. Gedzac is born with the idea of exposing documentation in Spanish that never tries on this well pondered side of the programming.

i visited GedZac site and i observed that only binaries of your work are available there.. why won't you post the sources of those?
Well my intention is not to put the code of a virus or worm that I have created, but rather my intention is to place useful parts of code that they can be applied in the generation of a virus or maybe of any other program, in the numbers that let us make of the ezine they will have a code section, in which will go parts of code that I have used in my creations (to obtain contacts, to write in the registration, to make this way a Joiner and things), they will also go other friends' members of Gedzac codes (codes in C++, in Batch, ASM and because non VBS). my sources, I lost one that of the banderanegra and the component, I lost them for silly and accelerated when it installs linux I destroyed the partition, a silly error jeje. but if, I keep the codes sources and you the step to gedzac people.

if we can take a peek at your future projects, what new techniques can we see from those?
on new technique in this project that I am finishing, because the truth is that there is not anything new, but rather I will use an old technique that the antiviruses not yet dominate but that however they continue being glorified with their heuristic one, they will see appending and a worm that it will destroy the antivirus before moving. I will also soon finish a Trojan one that doesn't need of IP to be controlled ;).

choice.. viruses, worms, backdoors or trojan horses?
virus and worms.

why?
it is it but near to the beginning of the life. also that a worm can be perfectly a Trojan one and also to carry a virus. :)

favourite virus or worm technique?
I like the Nimda, the DarkAvenger and the ChileMediera.

why?
the Nimda because I infect myself when one visits it paginates jajaja, good besides that find it brilliant for their expansion method. the DarkAvenger to be the first polymorph and because I like until their name. and the ChileMediera because it is a virus manufactured in the country where I live.

what do you think about sudden craze of p2p worms in the scene?
what do you think of p2p worms?
there are worms and worms and I believe that until today's day all occupy the same technique, of putting luminous files (to call somehow to files with recurrent name). what I made with BanderaNegra apart from putting luminous files it was that it has more than enough he wrote all the files that were in the shared directory, conserving the name but adding him .exe to the original extension.

what do you think about irc?
I like but it depends so that, I don't like channels where alone idiocies are written, neither where the only end is to exchange MP3 (my brother has me the full HD). but the channels have more than enough programming, hacking, security, Virii etc. is very necessary.

what do you think about media hyping viruses or worms?
the truth is that that attitude bothers me a lot, it makes sick me. once I wrote to the developers of an antivirus (PER) to congratulate them because they had been but efficient that panda, then they answered me requesting me a copy of the BanderaNegra, because in their alone hands they had the VBS that used for the shipment for outlook (the binary part is useful alone to be sent by messenger), I in a good way sent them the binary of my worm, and them some how many minutes but it takes they go and they put a note saying that they had controlled this worm in less than 15 minutes, ja but they didn't speak anything on that I had sent them the sample because they requested it to me, those they are sensationalist and also traitors.

do you have an anti-virus software installed in your pc? why did you install that software?
AVP, Because my brother also uses the computer and because something can appear new somewhere around and I would not like to lose something important, although I always make backs but with this of the bugs any thing can happen. I also chose the AVP because it doesn't swallow many resources.

what operating systems are installed in your pc?
Linux Redhat 7.2, W98 and NT4

what do you think about scripts, macros, virus generators and visual basic?
on the scripts, good I believe that they had their minute of fame, although it is sometimes been worth to use one to supplement a binary one (like to demonstrate that the heuristic one is simply bad). The Macros continue effective, I have never created a macro virus but that there are them very good that cannot refuse, also with each new version of Office, the possibility of a new programming style for the macro virus is increased, the new technologies always take I get errors that obviously if they are discovered they are taken advantage of to give life to a new specimen. The virus Generators, because I don't find him anything of bad, whenever they are used to learn. now if people use a virus generator for simply "to become famous" because he doesn't interest me (VBS.Kournikova). VisualBasic. the truth is that I don't like it a lot, and although one makes but easy to work on the software developed by microsoft, I believe that the VB has limitations. but that things can be made, if one can (I have seen enough Worms and Trojan very interesting developed with VB). but what bothers me of the VB is that it depends on the Runtimes, and the null possibility to manage the registers of the processor when it is necessary.

how do you name your creations?
jejeje, I like the name of the animals, here in chile (and in other sudamerica places) to the street dogs and without pedigree they are called kiltros, of there the name of 2 of my worms. the other one is BanderaNegra and it is because my ideology is Anarchist, although an anarchist flag can be of the color that is wanted or even not to have flag. and to the one that now am programming the I have called Roedor (rodent) because the infector that the and noted Hanta that it is a virus that they carry the country mice behaves. In general I don't find difficult a lot to put him it names to the things.
the day that I am not happened one I will invent it. jeje.

so what are your hobbies?
I like to read, to listen music, something of the dead kennedys or Cramps, Chopin or beethoven (this for little that I discovered that their creations help me to obtain inspiration). but for mainly I like to program and to learn new things.

what completes your day?
my day regrettably finishes when I have to make something that doesn't have to do with computers and software.

among all the coders in the virus scene, who do you respect the most?
I respect to all the coders, I believe that all make their projects with an intention and be which is the intention of the programmed virus me the respect, this world is our and here like in the life of the biological virus there are them destructive and benign but for that reason we won't stop to find good things in the structures of these (the virus of the AIDS is murderous but its structure is even unmanageable, and this maintains thinking the scientists, maybe that structure of the virus takes them to understand in a better way the DNA), I also believe that each virus or created worm are a word to the world on the part of the coder that I manufacture it I admire the Creator of the Nimda or the team that I believe it. if it is a very good specimen.

the least?
The sensationalist ones that work in the antiviruses.

what can we expect from your future works?
Always intent to give him works to those of the companies of AV. and it stops that I need to make things not very seen, not very prospective or to attack for means not very exploited. so if one must wait something of my it is that I will be devoted exclusively to kill the AV so that other Virus shares the Team infected with me :).

favourite malware of all time?
Windows

why?
it is not that it is my favorite one but this in all sides where he looks and without the one I believe that it would cost a lot that a virus multiplied. jeje.

where can we see your works?
www.geocities.com/zonavirus or in it paginates it soon of Gedzac but this it will be relocated the same as that of Zonavirus.

where can we contact you?
ergrone.gedzac@mad.scientist.com

anything to add?
yes. thank you to give me the opportunity to have a space with this interview in the first number of the ezine of Brigada8. and you excuse to have English's bad domain. I also mean people that is interested in this scene, be not afraid of entering that they read and look for material because it exists a lot and of very good quality. and that it is not very necessary to see the code source of a virus to make something new. there are many things that they are used to every day in the programming that they are usable in a virus, alone he makes lack creativity and desires of giving life to a code.

greets?
to my family, to people of Zonavirus and GEDZAC. to Alcopaul for the interview, and to people that not wise what is a file CPL :), jeje. and to the autonomous virus investigators (with which I don't have contact but respect a lot their work).

flames?
to the police and the coalition Sharon/Usa. because to the police? because I don't understand because they pursue to virus creators and hackers instead of pursuing to the pedophilics and that type of sick. to the coalition because they are armed minority, however they decide and because they enter where they don't want them. also that before they were pursued and now they are the inquisitors their speeches they are false...

thankie for the interview ;).