informis
/
textfiles
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
textfiles/virus/amigvir3.txt

37 lines
1.9 KiB
Plaintext
Raw Permalink Blame History

This file contains invisible Unicode characters

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

Article 21198 (6 more + 1 Marked to return)) in comp.sys.amiga:
From: johnsen@daimi.dk (Henrik Johnsen)
Subject: IRQ Virus -it's out!!!
Keywords: Link Virus
Message-ID: <1885@daimi.dk>
Date: 28 Dec 88 16:45:05 GMT
Reply-To: johnsen@daimi.dk (Henrik Johnsen)
Organization: DAIMI: Computer Science Department, Aarhus University, Denmark
Lines: 22
A couple of weeks ago we received a disk from a member of the 68000 User
Group in Denmark, with at least one virus on it. This was the IRQ Link Virus
mentioned some time ago in this group. It is out and spreading, and we have
currently no cure for it. Symptoms are a title bar with text:
IRQ Presents another virus for the Amiga
On closer examination several programs (not the bootblock, it's OK)
were strange. BlitzFonts did not look like the original. We have used the
old (Fish 26) UnHunk program on these, and the code hunk of NewZap was very
small (<2kbytes), while the data hunk was large enough to contain the program
proper. It seems that the virus installs itself as the code hunk, and puts the
original program into a data hunk.
As we are no Execbase, disassembly, etc. gurus, we have sent copies of the
beast to Leonardo Fei (Guardian) and Steve Tibbet (VirusX) for examination.
And, BTW, software piracy in Denmark is not that bad. Everything is
available, if you want it, but we have not seen any BBS with significant
numbers of pirated programs. Belgium, Holland, and Germany are noted for
their crackers, and virus writers, IRQ is from Germany.
Henrik Clausen, hrc@daimi.dk, Henrik Johnsen, johnsen@daimi.dk
End of article 21198 (of 21204)--what next? [npq]

Reference in New Issue View Git Blame Copy Permalink