Digital Archaeology: Floppy Disk #10 – DANGER.DOC

Posted on by Azrael Comment


A summary for those that haven’t been keeping up with this series:

I found a number of 5.25″ disks at a thrift store a number of years ago. I finally got around to acquiring a 5.25″ disk drive and extracting the contents a while back. Since then I have been posting the contents here.

Based on the contents, at least some of these disks were apparently once owned by someone named Connie who used to run the “Close Encounters” Special Interest Group (SIG) on Delphi in the mid 1980s.

A specific definition of this SIG was found in a document on one of the disks: “This SIG, known as ‘Close Encounters’, is a forum for the discussion of relationships that develop via computer services like the Source, CompuServe, and Delphi. Our primary emphasis is on the sexual aspects of those relationships.”

This service was text based and was accessed via whatever terminal program you used on your computer to dial in to Delphi’s servers. Many of these disks have forum messages, e-mails and chat session logs. All of this is pre-internet stuff and I don’t know if there are any archives in existence today of what was on Delphi in the 1980s. In any case, much of this stuff would have been private at the time and probably wouldn’t be in such archives even if they existed.

This post includes the contents of DANGER.DOC which is dated September 30th, 1985. This is some kind of announcement I’m assuming was sent out by Delphi. Basically, it warns about various trojans and names some specific shareware files to avoid because of malicious behavior.

See the previous post here.

===
DANGER.DOC
===

SEP   EXIT +
  6  26-SEP   NEW GOODIE BRIEF
  7  23-SEP   MANAGERS CONFERENCE BRIEF
  8  15-SEP   PEABO AND DICK EVANS (BRIEF)

ANNOUNCE>(SCAN, READ, HELP or EXIT): read 2

  2  30-SEP  VERY BAD SOFTWARE WARNING

EXCERPT FROM THE AUSTIN PC USERS GROUP NEWSLETTER 9/85



Warning:  Someone is trying  to destroy your data.  Beware of

the  SUDDEN upsurge  of "Trojan  Horse" programs  on Bulletin

Boards and  in the public domain.   These programs purport to

be  useful utilities, but,  in reality, they  are designed to

sack your system.



One has shown up as EGABTR, a program that claims to show you

how  to  maximize  the  features  of  IBM's Enhanced Graphics

Adapter, and has also  been spotted as a  new super-directory

program.   It actually  erases the  file allocation tables on

your hard  disk.  For good measure, it asks you to put a disk

in Drive A:, then another  in Drive B:.  After it  has erased

those FAT's too it displays,



"Got You! Arf! Arf!"



Don't  run  any  public-domain  program  that  is not a known

quantity.   Have  someone  you  know  and trust vouch for it.

ALWAYS  examine  it  FIRST   with  DEBUG, looking for all the

ASCII strings and  data.  If there is  anything even slightly

suspicious about it,  do a cursory  disassembly.  Be wary  of

disk calls (INTERRUPT 13H), especially if the  program has no

business writing  to the  diskl.  Run  your system  in Floppy

only mode  with write protect tabs on  the disk on junk disks

in the drives.



Another bit of information came from the ARPANET:  Be careful

what  you put into  your machine.  There  is out there making

the rounds  of the  REMOTE BULLETIN  BOARDS a  program called



VDIR.COM.



It is a little hard to  tell what the program is supposed  to

do.



What  it  actually  does  is  TRASH  your  system.  It writes

garbage onto ANY disk it can find, including hard disks,  and

flashes up various messages telling  you what is doing.  It's

a TIME BOMB:  once run, you  can't be sure  what will happpen

next because it doesn't always do anything immediately.  At a

later  time,  though,  it  can  CRASH your system.  Does this

remind you of some of  the imbecillic copy-protection schemes

threatened by companies such as Vault and Defendisk?  Anyway,

you'd do well to avoid VDIR.COM.  I expect there are a couple

of  harmless-perhaps   even  useful=Public   Domain  programs

floating  about with  the name  VDIR; and,  of course, anyone

warped enough  to launch  this kind  of trap  once, can do it

again.  Be careful about untested "Free" software.



Two other files that we are aware of that will also do damage

as reported in the past:



STAR.EXE



Presents  a  screen  of  stars  then  copies  RBBS-PC.DEF and

renames  it.  The  caller then  calls back  later and d/l the

innocently named file,  and he then  has the SYSOP's  and all

the Users' passwords.



SECRET.BAS



This file was left on  an RBBS with a message saying that the

caller  got the file from a  mainframe, and could not get the

file to run in his PC, and asked someone to try it out.  When

it was executed, it formatted all disks on the system.



(This file  DANGER.DOC from  JIMNET bulletin  board - Austin,

TX; Sept 85)




ANNOUNCE>(SCAN, READ, HELP or EXIT):

📂This entry was posted in Computer Arcana 📎and tagged

Related Posts