VX Heaven

Library Collection Sources Engines Constructors Simulators Utilities Links Forum

Communicating Viruses

October 1999

[Back to index] [Comments]

[Remember, the only purpose of this paper is to give you new ideas, nothing else. There're many variations to this idea and I'll leave it to your creativity to find out what hides in the shadows.]

1. From monologue and dialogue to multilogue!

Viruses do already communicate. They may f.ex communicate with themself or with a computer.

Ex monologue: What's the address of my variable anastasia? Ex dialogue: What's the PID of miriam.dll?

What if viruses could communicate with each other? How should they do it? What should they communicate about? The weather?

Ex Julia:

Julia is just like any other virus, but it also has functions that enable it to communicate by e-mail (POP) and to open a new e-mail account on a specific server. When the virus was released it contained an address to an already established e-mail account with username and password. Then Julia was sent into the wild. It eventually ended up on any of 3 differnent types of computers:

  1. Julia behaved just like any other virus.
  2. Julia sometimes got on the Internet.
  3. Julia was always on the Internet.

After a couple of weeks an internal trigger inside all versions of Julia made it go to that specific e-mail account. In the meantime the author of Julia had already uploaded a few new signature and module files. Julia checked the number of signature files and then uploaded its signature file and a random module. Now Julia checked if there existed modules different from her own. If she found one then there was the probability of .5 that she would downlaod and use it. After a few weeks of uploading and downloading it was time to move on. Some of the Juliases started to acquire new e-mail accounts and uploaded the new addresses, usernames and passwords to that specific account. Then they all picked a random address with the required username and password and deleted the specific address inside themself and moved on and eventually everything inside the specific e-mail account was deleted and a new-cycle message was uploaded. At this time the author didn't bother to watch over Julia anymore as she now could take care of itself.

Julia consisted of modules that could be replaced if they had the right format. The signature file was used as an index and also to make sure that not too many files were present, in case the Avs wanted to bomb the place with fake modules.

2. Virus Communication Protocol [VCP]

In reality Julia didn't have much of a future. There were too few new modules and it could only communicate with the Julia species. But what if there where other viruses out there that could commuicate using the same protocol?

Sure, the chances of them meeting on the same e-mail account are zero. But, if all viruses knew of 'Virus Networks' with 'Virus Factories' that could deal with them? Then the chances would be different.

When I earlier spoke of modules, then I really spoke of small 'universal' functions like encryption, polymorphism, infection etc.. The really cool thing about the modules would be that they're all compatible. So, if a virus is created to make use of a module called module.encryption.083 then it can also use module.encryption.014.

This method would take us beyond polymorphism. At first this may look like an online version of a construction kit, but it's really much more powerful. If f.ex more and more modules would become standardized then authors could focus on other work more and the effiency of the viruses would increase. And if viruses could be updated then their chances of survival would dramatically increase. If you originally created a virus that only worked on W95 'you' might end up with a virus that works on W98/W2000/NT and maybe others. :) Code would become re-usable.

A virus network? Is that legal? How could one do it? An idea:

Create a server that's online at all times. If we would try to cover-up the server we and the viruses would only be surprised when it one day would be down, removed etc. (police, FBI...). So, don't! Create a fake company that specializes in exportable modules etc.. Now we're a real commercial company doing something that's fully legal. The only 'downside' would be that our only (perhaps not) customers would be viruses! Hahaha! :)

So, what if the Avs find all our modules and take them apart. Do we have to care? No! Your virus doesn't have to able to export all its modules. It may only export one or two non-critical ones. See your virus as a shell while the modules make out the meat. But, remember, you create the brain!

3. The Future

Do you think this is just a fairy tale? Not possible at all? I can assure you that all of this is possible, but I'm not saying it'll be easy. The chances that someone will actually create a VCP are almost zero, but wouldn't it be great?

It's really fun to come up with these ideas and to imagine how they might work. But, that's nothing compared to making it actually work, not just in theory. Are you interested in this idea and similar ones? Do you wish to talk about it? Do you wish to build a VCP? Do you think this idea is shit? If you have an opinion then state it!

By accessing, viewing, downloading or otherwise using this content you agree to be bound by the Terms of Use! aka