back to article Confession: I was a teenage computer virus writer

I was 17 years old, I had nothing to do, and I wanted to teach myself programming. So I decided to write a computer virus. Don't worry. The two viruses that I ended up writing – Leprosy and Leprosy-B – were designed to infect MS-DOS computers. They knew nothing about the internet, because neither did I at the time, and these …

  1. Andrew Moore

    I suspect a lot of us did this back in the day...

    The only virus I wrote was only designed to annoy a friend. And set to die after a particular timescale.

    1. Rich 11

      Re: I suspect a lot of us did this back in the day...

      I wrote an Excel macro just to demonstrate to a manager that it was possible for a spreadsheet or word-processing document to wipe a floppy disk simply by getting someone to open it. When he realised that it could just as easily have been the C: drive, we had an anti-virus policy written and approved within a week.

      I'll leave you to guess which poor sod then had to go around installing anti-virus software on every machine.

      1. Anonymous Coward
        Anonymous Coward

        Re: I suspect a lot of us did this back in the day...

        Back in the days when floppy discs were exchangable we had one guy who hoarded them. He must have had hundreds of discs, because he never gave a single one back or gave anybody a disc with files on. This was considered a bit rude, and we started to get low on discs so needed to get them back.

        Seeking to solve the problem I wrote a simple batch file on my disc that simply created a directory on the HDD, copied the files and then printed a message saying "this message will self destruct in five seconds..." followed by wiping the floppy, and printing a message saying "NOW GIVE ME THE FLOPPY BACK!"

        It worked, but everybody involved started doing similar things and we all got a lot more cautious about opening anything vaguely executable from external sources, which has proven to be a useful habit!

    2. Andy Non Silver badge

      Re: I suspect a lot of us did this back in the day...

      Back in the late 1980's when viruses were starting to become known, I wrote a fake virus that mimicked the virus that made random letters slide down and off the screen. I've forgotten what the real virus was called; maybe Michaelangelo virus? It was just to freak out our company's tech support dept. When the guy was in the office I called him over and asked him if he'd got any idea what was wrong with my computer. The guy was horrified and immediately began testing it and all my 5.25 disks for infections. He never did find the "virus".

      Funny how some techniques are independently invented by multiple people. Back in the days of the Commodore 64 I wrote a ton of assembly language software for it, including some that did a controlled buffer overflow to take full control of the computer. While loading an apparent Basic program from tape, it overwrote key vector tables and took full control of the computer, running my machine code even before the tape had finished loading. It wiped any other software that was already resident (e.g. pirating software) then banked out the operating system and bios and had the full 64K all to itself. Ah fun times.

      I also had lots of fun making stuff that went *bang* but maybe best not to elaborate much other than to comment that nitroglycerin goes with an exceedingly big bang and that such hobbies are somewhat frowned on nowadays by Mr Plod, even when done without any malicious intent.

      1. DropBear
        Trollface

        Re: I suspect a lot of us did this back in the day...

        "the virus that made random letters slide down and off the screen"

        Oh, we did that too - except we were using the disassembled Real Thing with its infecting parts removed. We left it running in memory only and retreated slightly. Well, you have not seen proper horror until you've watched the guy who sat down after us noticing the falling letters in his Borland IDE, starting the text-mode McAfee scanner then flip out once that too started to "fall" mid-scanning. Of course, the modded code was not spotted and it went "poof" as soon as they turned off the machine... good times.

        1. YARR

          "the virus that made random letters slide down and off the screen"

          Cascade.

          1. Anonymous Coward
            Anonymous Coward

            The gatehouse to a UK civil nuclear site contained a PC, ostensibly to scan media for viruses. I don't know, ten years later would be working in the mail room of the same site, and the parcel X-Ray machine was only turned on once a year - for testing.

            Those of you who have noticed that in the note about the author in many Terry Pratchett books reads "he has thought about writing about his time in the SW Generation board, but felt that nobody would believe him', should believe him - its unbelievable. Still, it lit and warmed our homes,and the resulting pub stories could have been written by the late Tom Sharpe - or Pratchett.

      2. silent_count

        Re: I suspect a lot of us did this back in the day...

        "Funny how some techniques are independently invented by multiple people."

        My one (purely academic) go at writing a virus was a straight forward, "overwrite the smallest uninfected file larger than the virus code". To find the ideal target, my virus had to have a way of 'looking' at every file on the disk, so I invented a programming technique commonly known as 'recursion'. Too bad this was the late 80s and some people had already stolen my idea... long before I had it.

      3. Michael Wojcik Silver badge

        Re: I suspect a lot of us did this back in the day...

        I wrote a fake virus...

        There's a proud tradition of software that mimics malware or other disasters without actually doing anything bad. Other examples are the Sysinternals fake-BSOD screen saver and the fine-named MIT "Amyl Fax Shuffle Time", which forged a message that made it appear the MULTICS MAC security labels had been subverted.

        A related species is the malware that annoys a user temporarily but doesn't do any lasting damage; the best-known example is probably Cookie Monster.

        1. mstreet

          Re: I suspect a lot of us did this back in the day...

          My favorite version of this involved leaving a dialog box open on the "target" machine, asking the user if he's sure he wants to delete all files on volume C:

          After clicking the cancel button, the code would then show: Now deleting: xxxx, were xxxx was generated by a simple loop listing all the files.

          This started a fine tradition of April the first software releases.

      4. TechnicalBoy

        Re: I suspect a lot of us did this back in the day...

        That virus was Cascade...

        https://en.wikipedia.org/wiki/Cascade_(computer_virus)

    3. sisk

      Re: I suspect a lot of us did this back in the day...

      I wrote one that randomly renamed command.com and gave a message along the lines of "Hi dad! Your command.com got broken. Here's how to fix it."

      We won't talk about how long I was grounded for that one. In my defense it was supposed to be funny. How was I supposed to know my 5 year old sister would end up being the one who got the disinfection instructions?

      1. werdsmith Silver badge

        Re: I suspect a lot of us did this back in the day...

        I used to write TSR (Terminate & Stay Resident) programs that would wait for a certain key combination and then pop up a silly text window message and have them start on autoexec on all the office PCs. And I found out how to do that from the same Peter Norton book.

        Ahh, nostalgia and memories of younger simpler days.

        I recall back in the 90s a virus was such a rare thing that if anyone got infected then everybody got invited over to see it.

    4. This post has been deleted by its author

    5. Anonymous Coward
      Anonymous Coward

      Re: I suspect a lot of us did this back in the day...

      In 94 or 95 I wrote a word macro that surreptitiously when opened printed 1000 letters to the default printer without you being able to cancel it. Once emailed to a person it had the effect you can imagine of printing what seemed like a private letter to the the rest of the room since printers are usually shared beasts and spew out paper so anyone can read them.

      At the time i would have said it was the first macro virus ever, but it was not designed to replicate except on paper. Such were the days. Kid renegade. Of course now i know it was not clever and not smart, but in the day it felt like quite an achievement.

    6. Anonymous Coward
      Anonymous Coward

      Re: I suspect a lot of us did this back in the day...

      I was thinking the same thing. I'd just dropped out of college around 1989, I was 17 and found it very boring 'cos they didn't teach us anything interesting in computing except database theory and how to build a PC, stuff I'd been doing with my old man for at least 2 years at that point. Dossing at home for a few months while looking for a job I decided to stop learning C and start learning X86 and 68000 assembler, simply so I could write virus code. Stupidity of youth! I never wrote anything deadly serious, just boot sector infectors that did silly things with the screen and mouse when you started your Atari ST or weird things in DOS like transpose the keyboard, print letters back to front. Just fun stuff that would annoy people. I used to "defuse" game protection mechanisms for my mates or I'd get bored and put my girlfriend's name and greets into games so she's get a nice surprise when she played them! A misspent youth, no doubt all that tinkering has probably helped me in the long run in professional my IT career!

    7. This post has been deleted by its author

  2. hopkinse

    In the early 90's we used to occasionally 'improve' colleague's DOS PCs by modifying the message strings inside COMMAND.COM and replacing them with scary messages that made it look like you were infected with something nasty. We'd let them panic for 10 minutes before revealing the hoax.

    1. sisk

      I did something similar with explorer.exe. I thought one of my friends was going to die laughing when he booted into safe mode only to be told Windows was "wrapped in bubble wrap because it just can't seem to keep from hurting itself".

  3. IHateWearingATie
    Mushroom

    Viruses are all very well...

    .... but I want to know more about blowing up phone boxes with fireworks!

    1. Daniel Hall
      Coat

      Re: Viruses are all very well...

      I did the same in the late 90's, and now I work for a telco.

      MAybe fireworks, phoneboxes and IT are somehow joined at the hip? ha...

    2. Anonymous Coward
      Anonymous Coward

      Re: Viruses are all very well...

      Phoneboxes are all well and fun. But there was a trick you could do back in the day to fry someones computer.

      Take a 5 1/4 floppy disk, open it up and get to the plastic disk inside. Then, take a box or 2 of strike anywhere matches, very carefully remove the match part from the matchstick. Then very slowly grind up the matches into as fine a powder as you can muster. Then, apply some clear nail varnish to disk, sprinkle said powder onto disk.

      Re-assemble disk. And then give it to someone you don't like.

      Crude, but can do a lot more damage to a pc than a virus.

      1. dc_m

        Re: Viruses are all very well...

        I seem to remember people doing something similar with cap gun caps.

      2. Kevin 6

        Re: Viruses are all very well...

        Yea remember that trick a guy I know did it to someone in highschool long ago who claimed to be a master hacker, and claimed he could defeat any kind of threat to his PC. He didn't expect his drive bursting into flames.

        Still talk to the guy that pulled it, and its always funny when we reminisce about high school.

        I also still remember the disk box that I kept of floppies that were infected with numerous different viruses that I collected, and would give to people that pissed me off :D

        Then there was the macrovirus I wrote when I was attending/working in a college that only would infect our PC's, and targeted another macro virus someone I knew wrote, and would over write it. Did it as I got tired of having to go PC to PC to clean it off.

    3. Anonymous Coward
      Anonymous Coward

      Re: Viruses are all very well...

      > but I want to know more about blowing up phone boxes with fireworks!

      Step 1: Find a phone box

      Down at first hurdle, eh? :)

      1. Afernie

        Re: Viruses are all very well...

        "Step 1: Find a phone box

        Down at first hurdle, eh? :)"

        Of course this may give us some insight into why BT stopped replacing them, thus ruining Christmas for everyone.

  4. Anonymous Coward
    Anonymous Coward

    Amateur

    I wrote my virus in 8086 assembler.

    It had a neat extra trick that after a machine was fully infected, it *de*infected the machine until clean. Really got a few heads scratching there.

    Funnily enough, it wasn't that which got me a knock from Men In Suits, but something much less technical. I can certainly vouch for UK academia being closely watched in the 1980s.

  5. Anonymous Coward
    Anonymous Coward

    Damaging PCs ...

    You could hammer the read/write head against track 0 as fast as physically possible - if the owner was unlucky it would upset the alignment, and start to fail.

    Depending on the video hardware, you could drive a PC monitor at the wrong refresh rate. Cue a high pitched whine, and smoke.

    And some hardcards had on board low-level format firmware. Given the market was hardly awash with them (WD and Seagate probably), you had a good chance of really trashing someones hard drive.

    1. Phil O'Sophical Silver badge

      Re: Damaging PCs ...

      You could hammer the read/write head against track 0 as fast as physically possible

      Or you could do it at a variable frequency, and play tunes. IIRC that was the basis of "Drive Music" on the Amiga. Not something to try on your own drive, but there was always a gullible new kid somewhere...

    2. phil 27
      Mushroom

      Re: Damaging PCs ...

      "You could hammer the read/write head against track 0 as fast as physically possible - if the owner was unlucky it would upset the alignment, and start to fail."

      I did that accidentally in the late 80's trying to write my own diskloader for an amiga megademo.

      I scoffed at all that namby pamby capturing the trackdisk device at $4c and playing nice, instead to hit the cia's that controlled disk io directly in 68k asm and write the entire disk controller for myself. Somehow I got the whole idea so spectaculary wrong it tracked the head over the whole disk surface, and the software of the day couldn't recover anything off a floppy so destroyed. So... not to look a gift horse in the mouth, we released it as the fast disk destroyer (and as far as I know, no floppy mechanisms died as a direct result, but who knows... Mine was alright mister...)

      Did learn a lot about controlling hardware, though we ended up using trackdisk.device for the demo loader in the end anyway.

      To the author, I mean this in the nicest possible way as I don't think it was your original intent, but, you b*stard! I pulled the SCA virus apart in a debugger to see how it worked, but only so we could see how it loaded and stayed resident and to admire the code (it was the first virus we'd ever seen) . We used that to write a intro that we jammed into the bootblock (with chipmusic to boot!) , but decided *against* making it propogate to inserted disks as quite a lot of games of the period relied on funny things being inserted into that sector as part of their copy protection (plus it took another 120bytes of precious space). Its the difference between unlocking someones bike at school for practice picking combo locks then swapping it with someone elses bike lock out of mischief vs unlocking the bike and nicking it.

      I'm still locking other people's bikes together out of mischief (professionally, correctly engaged), but not nicking their bikes.

      1. ahmanwhathandle

        Re: Damaging PCs ...

        Ah the days of the Lamer Exterminator virus, I look back on them fondly and my time at the local computer club (The BDCC) sharing Amiga demos and messing around with my Action Replay cartridge shoved into the DMA port.

    3. Zmodem

      Re: Damaging PCs ...

      just get some code snippets off https://www.opensc.ws/forum.php

  6. eJ2095

    BBC Micro and Arcs

    Sure there was a command on the beeb you could to get it to use to burn out some motor.. (Bit vage been a while)

    Had a fake virus for the Acorn arc we wrote for fun when we was 13...

    lol the joys

    1. Anonymous Coward
      Anonymous Coward

      Re: BBC Micro and Arcs

      it was a *FX command that constantly reset the tape relay if I recall - it has been a while after all...

    2. Somone Unimportant

      Re: BBC Micro and Arcs

      That would have been the *relay command.

      This would switch the tape drive relay on and off.

      Do it fast enough and you would have a nice mechanical hum.

      Do it long enough and it would burn the relay.

      1. Rusty 1

        Re: BBC Micro and Arcs

        I thought it was *MOTOR, as in

        10 *MOTOR 1

        20 *MOTOR 0

        30 GOTO 10

        No, I never ran that. Not ever, and especially not in any branch of a popular high street micro vendor of the 80s. Ahem.

    3. AlbertH

      Nuking a TRS80

      The expensive "experimenters" version of the Tandy TRS80 had a built-in EPROM blower. A few Basic POKE commands could re-direct the higher programming voltage to other hardware in the machine's memory map - cue smoke and flames!

      We installed and ran a little Basic program that did just that in many Tandy Stores! They withdrew the model variant after a while, because they were "always burning out when on demonstration"!

  7. Joe Harrison

    "I didn't really understand it, but it solved my issue, so I used it."

    Sums up my entire career as a "developer" :(

    1. Anonymous Coward
      Anonymous Coward

      Unfortunately...

      It applies to a lot of developers...

    2. Frumious Bandersnatch

      "I didn't really understand it, but it solved my issue, so I used it."

      Sums up my entire career as a "developer" :(

      There's a name for that ... https://en.wikipedia.org/wiki/Cargo_cult_programming

      1. Michael Wojcik Silver badge

        "I didn't really understand it, but it solved my issue, so I used it." ... There's a name for that ... https://en.wikipedia.org/wiki/Cargo_cult_programming

        That's not what "Cargo Cult Programming" is normally used to mean.

        The distinguishing feature of Cargo Cults is that they observe a process that consistently has certain material results, and then they implement their own version of that process, but without key aspects that make it work, because they don't understand it.

        In CCP, the process is "I didn't understand it, but I jammed it in anyway, without being able to tell whether it fixed the problem". Often that's because the problem is intermittent or is hidden by the change; sometimes a side effect of the change accidentally corrects the problem, but not for any good reason (for example, the change introduces a delay that narrows down a race window to the point where it's never hit in practice).

        In the article, Neil understood the purpose of the code in question, just not the details of its implementation; and the purpose addressed his problem. Using it was just a case of using some software as intended without knowing how to do the same from scratch. I expect most developers are in that situation, since most end up using components provided by other parties, and few have comprehensive knowledge of computer science and other applicable domains.

  8. Tom 7

    I used to spend many happy hours reading quarantined files of various foms

    If some of those buggers had read some of the MS APi's there could have been some real problems out there. It was hard to resist the temptation to improve on them sometimes.

  9. Yugguy

    I was so nice

    I just wrote a little column destruction game on my ZX81.

    It pleased me.

  10. Frumious Bandersnatch

    Two obvious questions

    1. Did you get caught; and

    2. Is there some sort of statute of limitations?

    I found the whole field very interesting for a while. Not so much the basic idea of a virus (which is trivial) but more the ingenuity that some authors had in finding novel places to stash their code in memory, evade detection (like some viruses that would hook DOS or the BIOS interrupts to show infected files in their original, uninfected forms if resident) and especially polymorphic viruses (especially the Dark Avenger Mutation Engine).

    I never used a BBS. I tended to use Usenet (VIRUS-L? All the 40Hex, 2600 and so on were also available) and a few key resources (Ralf Brown's Interrupt List, Patricia Hoffman's VSUM and IIRC, "The Programmer's PC Sourcebook/Handbook" by Thom Hogan). Was never part of any "hacker" scene. More of an academic interest with me. Kind of a strange hobby for teen/twenty-something, but still, I learned an awful lot about PCs, the BIOS, Dos and x86 assembly from it.

    They really were simpler times. Most viruses were no more than stupid and ill-advised pranks. Even PCs were kind of more like a novelty than a serious tool. When serious money started being involved (PCs becoming mission-critical and the Internet becoming a conduit for commerce and banking) the scammers and crooks took over. That was the end of the fun/innocence.

  11. Shadow Systems

    Mine wasn't a virus per se...

    A friend of mine ran a local BBS & kept crowing about how he had "secured it tighter than a virgin's morals".

    He challenged me to find some way of infecting the BBS, and I accepted.

    The result was a batch file that typed the ASCII code for a Space into a text file, copied that first text file into a second, then kept concatenating the files to the end of each other until the files were so huge that they filled the HDD.

    I had to boot to a floppy, delete the second text file, clear the temp files, & reboot to the HDD, at which point I used PKZip to max compress the remaining text file down to nothing.

    Once the zip file was made, I ran the batch file again.

    I kept it up, creating the massive "empty" text files, rebooting to a floppy, deleting one of them & clearing the cache, and rebooting to add the resulting text file to the zip file.

    By adding to rather than overwriting the compressed file, I ended up with a zip file nearly half a megabyte in size, in an era when 10Megabyte hard drives were still considered exclusive to data centers & server farms.

    I changed the name of the compressed file (inside the zip container) to File_ID.Diz, this being the Description file that most BBSi would extract to use to post the description of the uploaded file to automated listings.

    After adding a legit file inside to make it appear that the zip was also legit, I uploaded the whole thing to my friend's BBS.

    The system promptly crashed when it attempted to uncompress the "tiny" description file, only to have what would normally uncompress to maybe a few Kb for a really detailed description, into something that spanned *GigaBytes*.

    He didn't have the computational horsepower to handle the job, didn't have the HDD space to store it, and the board went down faster than a crack whore Jonesin for a fix.

    He called me up screaming that I'd killed his machine, and I had to take repeated deep breaths to control the laughter.

    I explained what I'd done, how I'd done it, & the simple steps needed to recover from the "virus" (reboot to floppy, delete the text file, flush the cache, & reboot to the HDD), and he promised to dismember me the next time I came over.

    I made up for it by bringing over a pizza & case of soda, and he said he'd let me live.

    *Snirk*

    So I never got into programming virii, I merely figured out ways to use systems against themselves, so a run away process, RAM & HDD gobbling "clean" program could do what Anti Virus software would have otherwise detected & quarrentined first.

    "Oops, I'm sorry, did your uber fast 8088 with a full Meg of RAM and 5Meg Hard Drive suddenly shit itself? Good thing that wasn't a virus I uploaded to your secure system, huh?"

    *Thumbs in ears, feisty raspberry & happy hooty monkey noises*

    1. mstreet

      Re: Mine wasn't a virus per se...

      You can do an even better trick in a MS AD environment.

      When I was just learning VB script many years ago, I needed to create a script to list all .exe files on a PC. Being a rookie, it accidently ran all the executables instead, with predictable results.

      Being generally evil at heart, this got me thinking...

      Write a simple recursive script to search the HD for .exe files, and run any it finds on the target PC. Hide it somewhere on the network, then create a login script attached to a GPO that copies a shortcut to the file into each PC's start-up folder. Have the first line of the script delete the shortcut to cover your tracks.

      It's not a virus, does no permanent damage, but gives a sys-admin (who assumes it IS a virus) a very bad day. So what could possibly go wrong?

      Not surprisingly, I don't work for that company anymore.

  12. VinceH
    Coat

    "I was 17 ... This was 25 years ago, in 1990 ... So how does a guy who wasted his teenage years lobbing rocks at other people's computers occupy his time in his adult life? I should think that would be obvious. He writes for The Register."

    I didn't think you were anywhere near that old, Chris. ;)

  13. Michael Wojcik Silver badge

    Lessons

    Hold on a minute, I just ran that in the same directory as my compiler and all my tools.

    Always mount a scratch monkey.

    I recall one day in my callow youth when I was in the process of typing "shutdown -r now" on a (variant) BSD system to test a new kernel I'd just built, when it occurred to me that it might be a good idea to back up first, in case my new kernel destroyed a filesystem or two, or even just refused to boot successfully. (With a backup I could reinstall without worrying about my data.)

    As it happened, none of my kernels ever did cause me those sorts of problems. I had a moment of cold-sweat panic, though, when I realized what I could have done to my data with just a few more keystrokes.

    (Of course all my actual work for my employer was backed up daily, and source code went into a change-management system. But I could have lost all sorts of personal projects plus the work I'd done for the day so far.)

    I always tell one of these anecdotes to students in the web-and-database class I sometimes teach, and point out that one wrong command in, say, phpMyAdmin1 could wipe out whatever data they have - at which point they'll really wish they'd taken three seconds to grab a backup.

    1It's a class for non-programmers, so we use simple tools, even if they aren't good tools.

    1. phuzz Silver badge
      Facepalm

      Re: Lessons

      I usually think "maybe it would have been a good idea to take a backup" about three seconds after I run a command.

      1. Anonymous Coward
        Anonymous Coward

        Re: Lessons

        Likewise. This is always a learning experience, and if you're lucky, only yours.

  14. Ed Mozley

    Fake DOS

    A few of us toyed around with the idea of creating a fake DOS environment (windows 3.1 days). It was a compiled exe written in quick basic that ran as part of autoexec. It was reasonably advanced but crashed out if you ran a command we hadn't planned for. It could handle about 5 or 6 basic commands like cd windows or dir, cls etc.

    1. jake Silver badge

      Re: Fake DOS

      In the Win3.1 days, most of us with a clue were running 4DOS, if we had to run whatever Redmond was belching out ...

      1. Alistair
        Coat

        Re: Fake DOS

        Digital Research. and GEM dammit.

      2. waldo kitty
        Boffin

        Re: Fake DOS

        most of us with a clue were running 4DOS

        HA! I still run 4DOS as well as 4OS2. Scripting is almost as nice as that available on *nix. The old school BBS that I still run couldn't do a thing without 4DOS and/or 4OS2 ;)

    2. AlbertH

      Re: Fake DOS

      I wrote a little programme back in the late 70s that emulated the system commands and the prompts on a GE 635 Basic Plus machine. When you asked it to get a library file, it would demand that you appended the command with "please", when you wanted to "run" a programme, it would give you one of several randomly-selected messages: "no running in the computer lab" or "a walking pace is quite sufficient" and so on. It would actually pass your command to the interpreter, and it would be executed, but the prompts and warning messages were pretty silly.

      The programme grew and grew over some months as the other students added their little bits to it, and we ended up with a completely wacky machine whenever this programme was running!

  15. Will Godfrey Silver badge
    Happy

    My fave past time was unpicking disc protection systems. I actually got quite good at it and ended up with a nice collection of lock-free games - I didn't seem to play them much afterwards.

  16. Joe 59
    Trollface

    My older sister worked for Xerox in the mid 90s, and we started to exchange emails which was a new thing for us at the time. She emailed me some EXE attachment, a legit program that her company apparently thought was fine to email around, and the possibilities intrigued me so I wrote a short application (in Turbo Pascal possibly?) for windows that simply displayed a window with a button that said "don't click this button" and if you clicked it, powered off your PC using the normal windows power off stuff. Took about an hour to research and write. I really just wanted to see if she was dumb enough to click it. She did. Then she called me freaking out about what I just did to her PC. Once she saw the humor in it, she forwarded it to all her friends, and in a week, it had been passed around to thousands of people via the forward button.

    Not clever at all, not polymorphic, not TSR, not encrypted, did no damage (unless you forgot to save your spreadsheet), but it could have... and it was passed around like herpes at a whorehouse. Those were heady days indeed.

  17. Andy Non Silver badge
    Trollface

    In 1980 or so I worked for a while at a large gov't establishment that used a Cray mainframe and one of my colleagues did a lot of graphics work (maps) on a special terminal. He could draw lines, circles etc by sending text commands to the monitor that began with a certain character sequence, something like "!#command" and I had great fun sending him random "clear screen" messages. Ah, the mischief of youth.

    1. JimmyPage Silver badge
      Thumb Up

      sending text commands to the monitor

      ah, that was how mainframes did graphics in those days. Techtronix and Wyse terminals ring bells.

    2. AlbertH

      Malicious network messages

      The "ping of death" was always fun!

      Two smart-suited salesmen were completely freaked out when they tried to demonstrate some grossly over-priced database where I used to work. Every time they started the programme up, their machines would crash after a few minutes. This persuaded our bosses that it would be much more sensible for us to write our own software!

  18. Lord Lien

    I wrote a password snatcher...

    ... in Pascal to replace the old DOS Novell login. Very crude, just used to write the username/passwords you entered into a hidden file & then throw up the invalid username/password error. It would then run the proper Novell Login so you would think you made a type'o. Think I managed to get 4/5 logins before it got found.

    1. Kevin 6

      Re: I wrote a password snatcher...

      Me, and my buddy did similar in my old programming class in qbasic.

      We left an account logged in we found that no one used

      made a fake login that passed the username, and pass to the account logged itself out, and actually passed the login arguments the person typed to novell while hiding everything before quitting to the dos prompt like it should have.

      We managed to nab the entire classes logins(for our class, and the one after) including the network admins pass cause we logged in on a PC he regularly used right before he came in that day.

      college it was way easier to use other peoples accounts as 85% of students(and 98% of teachers...) the username, and password were the same... just had to hit cancel on the novell login on win95, and it would give the prior username.

  19. Anonymous Coward
    Anonymous Coward

    Author says:

    > I had taught myself C from books and computer magazines, but it was in a generic, high-level way. I didn't really know the PC or MS-DOS very well

    But in those days you could call Microsoft customer support, and the software engineer¹ who picked up the phone could tell you what interrupt to use and what values to put in what registers. From memory.

    [ 1988-1990 or thereabouts was my only stint with Microsoft products, then I moved back to Unix and in 1995 onwards to Linux to this day. At least it served me to keep a good memory of my experience with Microsoft. ]

    ¹ Yes, an actual software engineer.

  20. Sorry that handle is already taken. Silver badge
    Windows

    "Did your PC crash a lot in the 90s? Yes, sorry about that"

    You worked for Microsoft?

  21. Andrew Jones 2

    Misspent youth -

    I took a print screen of the College RM Ware login screen, made it the background of the main form in Visual Basic 5 and added text boxes and buttons where they should of been, it took the username and password entered and appended a text file (disguised as a .dll of course) on the public network share.

    Logged in to a computer using one of the various guest accounts that I had become aware of, and left the program running all day - at some point, someone must have complained that they couldn't login to my fake screen and a network administrator tried logging in. Fun times. Though I admit I was a bit worried I might get kicked out of college.

    Another fun one - compiled as "Porn 2000" which was run by students an unbelievable number of times, did nothing but create hidden empty directories in the users network drive, and because we had quotas - once you reached your quota the network would start deleting files from your network space - starting with the oldest files and leaving hundreds of thousands of empty folders that you couldn't see. During this fun "prank" I also learned that Windows 95 REALLY didn't like trying to delete hundreds of thousands of folders and would crash explorer.

    Finally - for anyone wishing to cause mayhem in one single line of code - "attrib +H C:\*.* /S" would take a few minutes to run and would render the machine unbootable once restarted - it would set the hidden attribute to every file on the hard drive and Windows would attempt to boot and then complain it couldn't find some file - I don't remember which one now. It could be repaired from a DOS prompt by simply running "attrib -H C:\*.* /S"

    1. Joey M0usepad Silver badge

      i did same at college with dos novell login. got disciplinay cert im very proud of

  22. Daniel Voyce

    This is all far too high brow

    Whatever happened to just dismantling a floppy disk and gluing match head scrapings to the surface and leaving it in a school computer?

  23. Anonymous Coward
    Anonymous Coward

    I, too, once thought I was 1337

    because at WalMart I would occasionally go to a display machine running Windows 95 and add "echo y | format c: /u" to autoexec.bat

    1. Anonymous Coward
      Anonymous Coward

      Re: I, too, once thought I was 1337

      I remember a bug in Norton AV in the early 2000s that would look for strings like that in files - including the browser cache.

      the fun that could be had by putting it, plaintext, in a forum signature and laughing as people's browsers got shut down with a big ol' virus alert.

  24. Skizz

    Those were the days...

    ...trying to dream up novel ways to annoy your fellow students at univeristy!

    I remember writing on TSR that hooked into the keyboard interrupts and, at random intevals, would replace the keys codes the user was creating with a predefined message so it looked like the user had typed the message to hilarious effect (I wish).

    And then I discovered how to control the video hardware and created a TSR that would turn a text mode screen upside down by switching the page the video hardware was displaying and then frequently copying the default page to the displayed page (OK, it didn't turn the individual characters upside down).

    Fun days indeed.

    1. Anonymous Coward
      Anonymous Coward

      Re: Those were the days...

      I once wrote a simple disc sector editor, and used it to change the text of the CP/M boot banner, and the customise the names of the operating system utilities such as dir, copy, etc...

      Trivial now maybe, but this is how a 16-year-old learns about brand new technology ... open it up, poke about inside and see how it works.

      I remember being extremely jealous of a small group of contemporaries who had grown up with the commodore 64 and had learned assembler for the 6502, which they were fairly easily able to port to the 8088. Somehow they had learned the CP/M interrupts which are used to invoke the various operating system functions which invoked the various BIOS/BDOS and other operating system API functions.

  25. CP/M-80

    No interrupts on Apple ][ ?

    It's too long ago to remember, but I'm sure there were interrupts on the Apple ][ - maybe not in Apple Basic, but I'm sure there were interrupt vectors.

    An excellent article reminding me of the late 1980's. I wrote a TSR which displayed the time in the top right corner just as an exercise in programming - it was a common utility then and there was no reason to write it myself other than learning.

    Probably the nearest we got to a 'virus' was a friend at Uni's programme which (unintentionally) didn't play nice with the Encore Multimax and somehow the processor wasn't freed up after running. After he'd run it 12 times all processors were blocked and the mainframe went down. So he logged onto the second one and the same happened. Somehow the operators thought it was his fault and he got some serious flack for it.

    1. Andy Non Silver badge

      Re: No interrupts on Apple ][ ?

      "... and the mainframe went down."

      Reminds me of a bizarre incident at college when the IBM 360 mainframe crashed only to crash again soon after being rebooted. Everyone was baffled at first, fingers were pointed and foul play was suspected, especially when the incident repeated itself several more times. Eventually the culprit was found; someone had accidentally missed out a full stop in a particular COBOL program and there was a bug in the COBOL compiler which couldn't handle/parse that particular statement and instead of it just throwing a compiler error it crashed the compiler taking the mainframe with it!

  26. Anonymous Coward
    Anonymous Coward

    at college i wrote a false front end for novell login that captured passwords , back before it was gui.

    got found out . got falsly blamed for a few other things

  27. Anonymous Coward
    Anonymous Coward

    Presumably you now work for Sony or first4internet?

    They'd have a job just for you.

  28. Anonymous Coward
    Anonymous Coward

    Not a virus but....

    ... a very annoying app that I wrote as an experiment and left running (genuinely by accident) on the only windows machine in the lab at college used to swap the mouse buttons around every 30s. I remember getting a call at home by a very frustrated sounding lecturer.

  29. TeeCee Gold badge
    Happy

    Virus moment.

    Back in the late eighties, a colleague left to work for a certain very large software house with multiple sites globally. He sent me some stuff on floppies to look at for him.

    I rang him back to ask why he felt it necessary to send me a copy of the Form virus. This question led to several weeks of everyone playing whack-a-mole at a certain very large software house with multiple sites globally.........

  30. jake Silver badge

    In 1978, I was at Berkeley.

    We were using UNIX[tm], with full access to the AT&T source (thanks, ken!).

    In 1981, still at Berkeley, Microsoft gave us full access to DOS. We ignored it. Microsoft was, and remains, a toy. At best. At worst, it's a malicious marketing tool, used to separate fools from their money.

    The ability to code malware in the DOS (and later Windows) environment seems to have been intentional right from the git-go. How else could you possibly explain the continuous lack of security in the "product" over the last third of a century?

  31. David Given

    Interested parties might like to look at Leprosy's f-secure database entry:

    https://www.f-secure.com/v-descs/leprosy.shtml

    Killer quote:

    "The only thing which is remarkable about it is the fact that the virus is written in C."

  32. Alien8n

    Virus names

    I have the dubious pleasure of having a virus named after me (Trojan/Downloader-MB). Only AVG had seen it at the time but I was able to provide the other AV vendors with a full and detailed description of what it did and how to remove it. Was caught because I was running Sygate firewall at the time and the firewall actually flagged it trying to send home to download the main payload.

    Actually have a book on virus writing at home which I've never used.

  33. BinkyTheMagicPaperclip Silver badge

    I wrote a trojan for the Amstrad PCW

    Never released, of course, but a fun assembly exercise. Officially there were no PCW viruses..

    It ran, and performed its intended function. However, it also left a TSR in memory, two minutes later redefined the font characters upside down, and unloaded itself.

    Wouldn't have been too difficult to track, because the TSR facility is built into CP/M, and I didn't bother to do it the harder way and patch the kernel or change any of the jump vectors on the system. Why bother doing more when you know it can be done and have proven the principle.

    It would have been in 8080 code, too, with Z80 manually patched in. I used the compiling/linking tools included with the system instead of making life an awful lot easier by using a Z80 assembler. CP/M Plus' development tools were never updated to support the Z80.

  34. launcap Silver badge
    Boffin

    Not a virus..

    But I wrote a little utility (in assembler - my then job was writing IBM S/370 assembler on a TPF mainframe so it wasn't a big jump) to query all the shares on our (OS/2 LAN Server) servers on the network (after doing a broadcast to find them all) and query all the shares to find all the stuff that people had secreted on them..

    This was the early 90's so the stuff I found wasn't very exciting and I couldn't tell who had put the stuff there. And if I ran it too often the broadcasts would temporarily lock out my segment of the token-ring network..

    There's probably a reason why I stopped doing programming and started doing support instead!

  35. Anonymous Coward
    Anonymous Coward

    cyber-vandal

    "cyber-vandal"

    Hello, the '90s are calling and they want their buzzword back.

  36. wowfood

    Too young for this kind of fun

    By the time I started playing on computers we were already on windowx xp, so didn't have a chance to play around with a virus as such.

    Although I did managed to attach an auto-run script to a usb stick which popped a batch file into the startup folder which shut down the PC after a certain amount of time passed. It also helped me find out who kept stealing my usb stick.

  37. AndrueC Silver badge
    Thumb Up

    I wrote a virus for CP/M once. I wrote it on an Amstrad 6128 with 3 inch floppy drives though so it never had a chance to escape into the wild. Plus it took so long to write to the floppy disk that it was kind of obvious. Still - it did the equivalent of a TSR and hooked into BDOS.

  38. Someone_Somewhere

    rogers.com

    Back in the day, thanks to its aliasing, replacing command.com with 4dos.com (renamed to 'command.com', naturally) and an alias file that responded like 'Eliza' was loads of fun (for me, not my victims)

    Del <some file>

    Delete <some file>. Are you sure?

    Y

    Are you really sure?

    Y

    Tell me more about <some file> first.

    Round and around she went, where she'd stop nobody knew ;D

  39. 080

    Simpler the better

    We had great fun with a particularly prickly manager, just swapped round two of the key caps for his username and watch him try to log on.

  40. J.G.Harston Silver badge

    Not a virus...

    but an unkillable process: main() { for (;;) fork(); }

    Still use it to thrash test my PDP11 emulator.

  41. Zmodem

    i got 500 million sleepers on my botnet called skynet waiting to wake up for judgement day

    gonna doss attack mcdonalds

  42. Androgynous Cupboard Silver badge

    Look at you lot

    Did anyone here not write a virus or gremlin of some sort as a teenager?

    (my first was a TSR keylogger, and one we had the teachers password...)

  43. BenBell
    Pint

    Without a doubt

    ...my favourite El Reg article to date. The insight, the nostalgia, the eager yearning to get back on an ancient machine with less power than my mobile phone for the sake of the "good old days".

    Thanks for helping me plan next weekend, and thanks from my wife because I will no longer need a babysitter while she is out with her friends ;)

    Beer because... why not!

  44. .@.

    Ah the good old days :)

    I remember my time at university (the university shall remain nameless). One of the common things people did was try to write password grabbers. I had a trick up my sleeve, though ...

    The operators used a shared account called OPERATOR. Unlike other accounts, this had the 'secondary password' bit set on the account, meaning it required two passwords to log in. This was to make life harder for shoulder surfers, as they would have to get both passwords and they cycled them around every few days. This was a VMS cluster, by the way.

    So when I was suspicious that there was a password grabber in operation, I'd try to log in as OPERATOR and see if I got two password prompts. If I did, I knew it was the real deal. Nobody was clever enough to write a password grabber that simulated this.

    Luckily I never made my knowledge widely known, because I didn't know the system would lock the account out after five (?) bad attempts. Which would have made me very popular :D

    An unverified story someone told me too ... they could not figure out why their terminal servers (old definition of 'terminal server' ... ever heard of LAT?) kept crashing on Friday afternoons. Apparently, some student had a father who worked at Digital and knew what all the default passwords were, and they had never been changed. He'd log in and reboot the thing so that everyone got to go home early as their classes were cancelled ;)

  45. Evoflash

    I once made a Geocities Flash website that opened itself in five new windows.

    I'd send the link to people on MSN Messenger that were annoying me.

    That was the pinnacle for me.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like