Analyzing the source code of an old computer virus offers fascinating insights into the development practices and programming techniques that evolved in isolation due to its nature, without any influence from a broader community. This analysis is particularly interesting since I have had the opportunity to query the authors about their reasoning in the present.
Thanks to a chance encounter with two casual middle-aged gentlemen at the Communication Convention Center (C3) »Mitte« early one morning and convincing them that their story deserved documentation, I had them unveil a highly idiosyncratic hacker’s time capsule, transporting me back to the world of 1990s malware.
Worth mentioning how simple the implementation could be if we're limited to COM, which is just a blob with machine code. Simple enough that, as an 8 y.o. kid, I encountered a book that explained the concept (something like JMP on entry, patch to original and JMP back). The entire thing was assembled over a few hours and deployed to a park of 80286s at school the next day, with consequences imprinted as a bright traumatic experience. This part was not explained in the book.
There were some communities out there, via both BBS and early internet forums, etc. I remember reading Phrack, 40hex, and similar zines which had extensive documentation and samples.
You can still find them online, along with other things: