IWormGokar Interview - Simon (Creator)
Company: IWormGokar Virus
Person Interviewed: Simon
Company Position: Creator
For those of you who are unaware of what the IWormGokar Virus was, it was a Virus created in the UK which did nothing but spread via Email, IRC and IIS. No destruction was involved of anyone's computer, but destructive or not - a virus is a virus and unfortunately Simon (the creator) is now being penalized for his wrong-doing. Check out what he had to say below about the situation that some newspapers are calling the World's "Third Largest Virus."
First off, could you tell us a little bit about yourself? Name, age, and where you are from?
My name is Simon and I?m 22. I live in a small seaside town in Wales, UK.
Did you have a motive for creating the virus?
I'd recently lost my mother and it was my 21st birthday (I wrote it on the 4th of December, my birthday), I guess I felt sorry for myself.
I'm sure others are curious as well, and many of us would like to know one thing. What were your intentions of this?
I never had any intentions, I just underestimated what I was doing at the time.
What was the virus supposed to do? Was it destructive?
The only intention of Gokar was for it to spread. It was not destructive at all.
From my experience from attempting to remove many a computer virus from my computer, I have seen there are many different kinds of computer virus, each doing its own thing. How does yours differ from other computer virii?
It spread via 3 means, Email, IRC, and IIS web servers. It was one of the first to use random subject lines, message bodies, attachment names and 5 executable extensions (*.pif, *.com, *.bat, *.exe and *.scr).
What was the reason you were sentenced? When will the court date be? What do you expect the sentence to be, or what are the possible sentences?
The court date will probably be in early to mid February, the max sentence under the UK?s Computer Crime Act (Section 14), (which is what I was charged with) is 5 years and / or and unlimited fine. As for predictions, I couldn?t possibly say.
What is your current status on this whole issue?
Waiting for sentencing, and hoping for a judge that understands I made a mistake, which I deeply regret, and seeing me for the person I am not the crime I committed.
What is the one thing on your mind right now from all of this?
In a word : ?Why?? Why did I do it ?!
I noticed on your website that you had many 3D Rendered images. It is obvious you have much talent, do you plan on using this for a job someday?
Thank you. I?ve always been interested in graphic design and art, but it?s never been my intention to get involved in that field of work. That?s not to say I wouldn?t, it?s just something I enjoy doing and helps me in my day to day job (I?m a web designer), if I get paid for it, great, if I don?t that?s fine, as long as I enjoy it I?ll carry on doing it.
What kind of background do you have with computers and technology?
Just personal use really, I had commie?s, Amstrads, Sinclair?s etc when I was younger, but nothing that I would really class as a ?background?.
Have you ever had special training with computers? Courses, college, etc?
Nope, none at all. I think in my high school the IT training was pretty pathetic, like how to copy a floppy disk etc. Hopefully it?s advanced some since then.
What do you think the motives are for others who have made a computer virus(s) and been caught? Do you think their motives are different, if so, how do they differ?
I couldn?t possible comment on other people. I?m not much of a ?what if? person.
People making computer virii and the spreading of them across the internet is an ever growing problem for those dealing with internet security and network security as well. How do you think they should deal with this sort of problem in the future?
Heuristics! Signature scanning is an outdated model that can easily be defeated, either by creating the code from scratch or modifying existing code / binaries. For example, say a viral signature for X Anti Virus was 57696E736F6339h, this can easily be altered to 57696E736F633Ah, by replacing just a single byte / instruction with a corresponding opcode (in this case 39h to 3Ah, this is a CMP instruction), the binary remains fully functional, but this signature is now different, meaning its no longer detected.
I think that people often times view computer hacking and virii differently. Computer virii a nuisance, and computer hacking a fearful problem for those who don't know much about it. Either way, people fear them both, because over half of the internet population is still learning much about them because there is always something new appearing. Do you think they should be looked at as a related problem, or do you think they are two separate subjects?
I started off ?hacking? (I?ll not go into the reasons of why this word has little relevance today), and programming on Linux / *ix based systems, but for some reason I always ending up back coding for Win32. In films, books, the media etc, there is a myth that ?hackers? break into systems and plant viruses and destroy data.
If you could say anything to the readers, good or bad, what would you say about this situation?
Thank you for reading, and please, try not to judge me on a single act. I made a mistake, I?m sure you?ve all made mistakes too.
Thanks for your time Simon, and we're surely glad you accepted our invitation for the interview. Good luck with your trial and have a great life.