Its creation was a fun experiment. It was inspired by the boot block based SCA virus which had reached dubious fame due to its very successful spreading and the flaw of overwriting the boot block. Would it be possible to create a self spreading file, thus breaking out of the boot block dread?
Development took place between spring and fall 1988.
The early code name was HOUZ virus.
Thinking up the name we tried to find something that would sound mean and at the same time on the verge to ridiculous. The final name was inspired by a rap band called The Terrorists.
The virus does not harm the system. In fact, care was taken to avoid any even unintentional damage.
The "BGS9" was in fact a clone. Its code is almost identical even including the resident name "TTV1". It got more reach and thus was regarded as the origin.
About the life of the beast
TTV1 installs itself as a reset proof resident module (KickTag/ROMTag) named "TTV1"
On reset the resident module (virus) is called
Execution gets delayed in order to gain disk write access. Therefore Intuition's OpenWindow function is redirected.
As soon as the AmigaDOS tries to open the CLI window the OpenWindow gets called the virus looks for the startup-sequence on the booted disk
The virus is looking for the first command (A) in the startup-sequence
File request windows (e.g. "Disk is write protected") are being temporarily disabled
Virus renames A to $a0202020a02020a020a0a0. This is a combination of none breaking spaces and spaces. The idea is that the user will oversee this "invisible" file.
Virus writes itself as an executable command with the name of A to the disk
Eventually A gets loaded and executed with all its parameters by the virus
The next time the user will boot the disk the virus gets loaded into RAM and step 1 takes place. On reset the horizonal beam position gets evaluated. If the beam position is smaller than a certain number the screen turns black and a message in white letters appears.
The First Terrorists Virus (TTV1)
Facts
About the life of the beast
.