IntrusionsInDepth Podcast
007.1: The VIRUS FACTORY

The tale of Dark Avenger, Vesselin Bontchev and how Bulgaria became known as the VIRUS FACTORY

Step back into the late 1980s and early 1990s in Sofia, Bulgaria, a nation transitioning from communism and becoming an unexpected epicenter for early computer virus creation. This episode delves into the story of Vesselin Bontchev, a young researcher studying the nascent threat of computer viruses, and the emergence of the notorious virus writer known only as "Dark Avenger". Explore the destructive nature of early viruses like "Eddie" and the escalating rivalry between Bontchev, who sought to counter the viral threat, and Dark Avenger, who released increasingly malicious code and even targeted Bontchev directly. Discover how American Sarah Gordon stumbled into this world, her interactions with Dark Avenger, and the creation of the revolutionary, dangerous Mutation Engine (MtE). We'll also examine the unique socio-economic conditions in Bulgaria that fostered this "Virus Factory," including a surplus of skilled tech enthusiasts with limited opportunities and widespread software piracy.


Main Topics Discussed

  • The Bulgarian Virus Scene: The episode explores how Bulgaria, particularly Sofia, became a surprising hub for computer virus creation in the late 80s and early 90s, coinciding with the country's political and economic transition.

  • Vesselin Bontchev vs. Dark Avenger: A central theme is the rivalry between Vesselin Bontchev, an anti-virus researcher, and the prolific, malicious virus writer known as Dark Avenger. This includes Dark Avenger's increasingly sophisticated viruses (like Eddie and Nomenklatura), his targeting of Bontchev and others, and Bontchev's efforts to analyze and combat the viruses.

  • Sarah Gordon and the Mutation Engine (MtE): The story of Sarah Gordon, an American who became fascinated with the Bulgarian virus scene and interacted with Dark Avenger. This interaction led to Dark Avenger creating the groundbreaking and dangerous Mutation Engine (MtE), a tool allowing viruses to constantly change their code to evade detection.

  • Psychology and Sociology of Virus Writing: The episode touches upon the motivations behind virus creation, including seeking fame, rebellion against authority, socio-economic factors like lack of opportunity and widespread software piracy in Bulgaria, and Sarah Gordon's research into the mindset of virus writers.

  • Early Computer Viruses and Anti-Virus Efforts: The discussion covers the nature and mechanics of early computer viruses (e.g., infecting .com/.exe files, corrupting disk sectors, targeting the FAT) and the nascent anti-virus techniques and communities forming to combat them (like CARO and FidoNet).



Call to Action:

  • Subscribe to the podcast for more episodes on high-profile cyber intrusions.

  • Visit our website at intrusionsindepth.com for additional stories and insights.

  • Share your thoughts on social media using #IntrusionsInDepth.


Links and Resources:

  • https://bontchev.nlcv.bas.bg/papers/factory.html#The%20Dark%20Avenger

  • https://www.f-secure.com/v-descs/eddie.shtml

  • https://www.theguardian.com/news/2023/may/09/on-the-trail-of-the-dark-avenger-the-most-dangerous-virus-writer-in-the-world

  • https://en.wikipedia.org/wiki/Sarah_Gordon_(computer_scientist)

  • Fancy Bear Goes Phishing: The Dark History of the Information Age, in Five Extraordinary Hacks by Scott J. Shapiro

  • https://(.)youtu.be/1iq9w5Tn_DQ

  • https://(.)www.youtube.com/watch?v=NtJ0CQ7K6_4&ab_channel=DEFCONConference


  • Host: Josh Stepp

  • Produced by: Josh Stepp


Thank you for tuning in to IntrusionsInDepth. Stay informed, stay safe, and see you in the next episode!
