Amiga Virus
In 1987, Amiga users who tried to soft reset their Amiga computers where horrified to witness a message that shouldn't be there:
Something wonderful has happened Your AMIGA is alive !!! and, even better... Some of your disks are infected by a VIRUS !!! Another masterpiece of The Mega-Mighty SCA !!
This was a bootblock virus, it would copy itself to other floppy disks and thus self-replicate. Amiga users initially had no clue how to handle this new threat in their home.
In March 1991, immediately after the coalition forces had completed Operation Desert Storm against Saddam Hussein's forces in Iraq, Amiga computers around the world started exhibiting weird disk errors. Disk errors weren't that uncommon, as disks could get worn out, but it started happening far too often to be caused by normal usage. Attempts at repairing the disks would not help, as random files would be overwritten permanently, and then, the unthinkable: The Amiga would hard crash, with one of the dreaded red blinking Guru Meditation messages. Except this message would just say the words
'SADDAM VIRUS'
As viruses would begin to run rampant among unsuspecting users of Amiga warez, the knowledge and understanding of the virus concept itself also grew. We started write-protecting our floppy disks to ensure no data could be written, even if a virus should be resident in memory. Eventually, virus checker programs would help in finding and isolating the malicious code. As the Amiga waned in popularity, the concept of computervirus made the leap to a new type of host in PC's and other computers, and would spawn giant corporations focused on fighting malicious software.
And even though the first Gulf War was over in 1991, the President of Iraq, Saddam Hussein, would continue to be an enemy of the U.S., until his execution in 2006.
The virus that bears his name still has the power to be annoying in 2018.
Star Fleet I
I was trying to play a fun Amiga game called 'Star Fleet I' from 1986. It is a 'Trek Game', based on the 1971 Star Trek text game by Mike Mayfield, which I have also been playing a bit lately.
The original game can be found on thegamearchives.net and archive.org, in the form of an ADF file, an Amiga disk image file. I was playing the original disk with no problems. Today I wanted to continue my game, but the game asked for password protection in the old school way of referring to a particular page, line, and word in the 100-page manual. I didn't want to do that, so I looked for a cracked version instead, as a true Amiga pirate. Now there are a couple of cracked version floating around out there, and I found one that worked, and played it. After rebooting the virtual Amiga, I got this error:
Now, if this wasn't on an emulator, I would have assumed that the error was a real disk error, but emulators don't cause wear and tear on disk images, so I wondered what was going on. After pressing cancel, the game still worked, so I pushed it out of my mind. A few minutes later, the Workbench (desktop) was suddenly pulled to the foreground, and the same validation error was back! When I started a game, it suddenly crashed with a horrible Guru Meditation:
The disk image would never work again. Some old alarm clocks were distantly going off in my head. Something about this whole thing seemed familier. I checked the name of the disk image with the cracked version:
Star fleet i the war begins! v2 1e (1987)(interstel)[cr action][v saddam 1]-amiga
And suddenly realized why: The disk had the dreaded SADDAM virus on it.
thegamearchives.net has been helpful enough to warn me about the virus on this disk image, and I had just ignored it, assuming they were talking about a cracker group or something else, not the real ressurrected SADDAM virus from my teen years, kept in pristine condition forever in this archive, like a strain of some horrible biological disease lying in an abandoned underground lab, just waiting for some hubristic idiot to open Pandora's box.
Being that idiot, I took it as a learning experience, and investigated how to remove a SADDAM virus.
Disk-Validator
SADDAM is a Disk-Validator virus, meaning that it resides on disk in the file L:Disk-Validator. As soon as the virus becomes active, it will stay resident in memory and overwrite Disk-Validator files in newly inserted disks and thus replicate itself.
The file is 1848 B, this is the whole thing:
I found the original Disk-Validator files from Workbench 1.2 and Workbench 1.3. They are identical and both exactly 1848 B, as well as the file on the original un-cracked disk image of Star Fleet I, which is slightly different, and 1892 B. Comparing those to the one on the cracked disk image, it looks very different. There is suspiciously no message strings in the code except 'BitMap Checksum Error' in the cracked Disk-Validator, whereas the original ones include the strings 'in drive 00', 'Replace volume', 'is out of range', 'is invalid', 'bad extension', 'not directory of file', 'bitmap checksum error', 'bad block type', 'unexpected data block', 'second root block', 'bad directory', and 'bad header'. These are the types of messages you would expect from a disk diagnostic tool, instead of the weirdly compressed looking code in the cracked one.
Comparing to a few different versions of the SADDAM virus, however, seems more appropriate. I have compared to 3 different dumps from the Amiga Virus Collection at archive.org, DISK_VALIDATOR_SADDAM, SADDAM_DISK_VALIDATOR_VIRUS, and SADDAM_2_BOOTVIRA. They are all 1848 B, they all have the one string 'BitMap Checksum Error' in the same location, and all look compressed.
Fixing Star Fleet I
Fixing the disk with the cracked version of Star Fleet I is easy enough. I simply need to modify the ADF and replace L:Disk-Validator with a copy of the original Workbench 1.3 one. For modifying the ADF, I used ADF View: http://www.viksoe.dk/adfview/, and it was as simple as dropping the file into the right directory, and close the window, and SADDAM was gone forever, until some other idiot downloads it from thegamearchives.