                         Cicatrix and VDAT
                                By
                            Horny Toad


     I get many requests from people asking what is the most
definitive and complete resource for virus information.
Without a second thought, I direct them to VDAT.  For those
of you who do not know about VDAT, quite simply, it is a
compilation of virus writing tutorials, interviews, and
reviews of virus utilities and groups.

     The creator of VDAT is Cicatrix.  Cicatrix describes
himself as a regular run-of-the-mill average guy who happens
to 'dig' computer viruses.  Well, this average guy, is one
of the most respected suppliers of virus related material in
the world.  He not only maintains VDAT, but also a web site,
http://www.cyberstation.net/~cicatrix. No other site on the
web has kept so many up-to-date virus collections,
magazines, and utilities. Let me stress this point - go to
Cicatrix's web site to download the most current virus
magazines. (especially Codebreakers Zine).  Cicatrix also
maintains monthly zipped collections of virii and source
code, which is great for building your virus database.

If you are new or old to the virus scene and don't visit
Cicatrix's site often, I highly recommend that you check it
out.  From his web site, you can download current versions
of VDAT.

In order to shed some light to the mystery of who Cicatrix
is, I did an interview with him.

Enjoy.


> 1. So, how did you start out in computers?

My first experience must have been around 1983 when I saw
some 10-12 year old kid do magic with a computer keyboard.
I decided that what a 10-12 year old kid could do I could
better so I bought my first computer (Acorn Electron with
a cassette player for storage) and started fooling around
programming simple stuff in BASIC.

> 2. When did you get into the underground scene?

I don't consider myself underground really, I have nothing
to hide (yet). My first virus encounter must have been the late
'80's. I'd often heard about this magical thing called a
computer virus but I had never encountered one. Having moved
to an IBM-compatible computer (8088) I was using quite a lot
of pirated software and I used McAfee as a virus scanner.
Then one day when I decided to scan a diskette which I did
not expect to have a virus (it came from a reputable source)
I found the Cascade virus. I used this virus to get on a BBS
with viruses and started downloading after I got access.
With those viruses I got access to other VX BBS's etc.etc.

> 3. What groups have you belonged to in the past?

None.

> 4. What is your opinion on virii and virus writers?

Both are pretty interesting, but basically I collect viruses
just like someone who collects stamps. Writers can be just as
interesting although a lot of people that consider
themselves virus writers I consider as just hangers-on.
There are some pretty weird personalities out there though
and I haven't met the 'standard' lonely, pathetic teenager
yet.

> 5. Dou you ever get any hassle or interference from the
law about VDAT or your web site?

No, not so far. I don't think what I do is exactly illegal
although some might consider it immoral. People who visit my
site do so out of free will. Just like I say on my site,
should stuff start 'heating-up' I'm going to quit making my
collections available through a website.

> 6. When did you first put together VDAT? Why?

Release 1.0 was released August 1995. Here's the intro to
that version, it includes the why:

For years I've been reading .DOC .TXT and .ASC files about
the virus and anti-virus scene. Those files are by now
spread out across a lot of my diskettes and whenever I
wanted to read something a second time I knew I had, I of
course couldn't find it and ended up downloading it again.
Finally, I was sick and tired of it and came up with a
solution. I combined everything in a hypertext format which
I now keep on my hard drive. The initial release took me about
a month and a half but hey, it's an improvement and I enjoyed
doing it. Anyway, why keep it to myself? Here it is, use it
if you want to, otherwise: trash it!"

> 7. What do you see in the future for virus writers?

As long as there are computers there will be computer
viruses, as long as there are viruses there will be virus
authors. It might get more difficult in the future to write
a 'successful' virus but it has been proven several times already
that there are a lot of smart, innovative people that want
to write viruses.

> 8. How long will you continue compiling virus data?

As long as I enjoy doing it and as long as I have the time.

> 9. What are your future plans after school?

Just continue what I did before school, work. The classes
I'm doing are just employer-imposed additional training.

> 10. Are you currently taking any computer classes?

Nope, everything I know I taught myself.

> 11. What is your definition of a hacker?

I don't really have one. Depends on the hacker's background.
An 'underground' hacker tries to get access to a system he
doesn't have access to. A 'legit' hacker is knowledgeable Unix
guru without any real 'underground' needs.

> 12. What is your rapport with the AV community?

Almost non-existent. I had a few small e-mail contacts with
some. I guess most consider me VX and don't want anything to
do with me. Personally I consider myself to be sort of
middle-of-the-road, I can appreciate arguments on computer
viruses from both sides. I also think there is a basic
difference between making computer viruses and know-how
available and the active spreading of viruses.

> 13. Do you write virii? If so, how many have you written?

Nope, not even with a VCK.

> 14. Would you ever refuse to put something on your web
site or in VDAT?

Yes, I regularly do. I determine what is on my site, space
is limited and it has to fit in the subjects I have. VDAT
is a matter of accuracy, I want to be as accurate as possible
but if information I get from someone is inaccurate it is hard
to check.

> 15. Is anything too malicious?

Yes, destruction for the sake of destruction is unnecessary.

> 16. How do you see Windows 95/98 affecting virus writing
techniques?

The future. Not as hard as some people thought it would be
although most W95 viruses are not as stable and
sophisticated as some DOS viruses.

> 17. How do you find the time to put together and maintain
VDAT and your web site?

You tell me, sometimes I don't know how and why I do it. A
laptop with the works helps.

> 18. Where are you from?  What part of the world are you
living in now?

Some know my exact nationality but lets stay with Western
Europe.

> 19. Are there any virus groups that you particularly
dislike?

No, I don't dislike anyone in the VX or AV world.

> 20. On VDAT, you have interviews with AV people.  What is
your relationship with and attitude towards the AV community?

Just for the record, a lot of interviews in VDAT were compiled
from several e-zines. All of the AV interviews were. The last
couple of months I've done several interviews myself but all
of those were VX.

> 21. Would you encourage beginning virus writers to join a
group? Why?

Nothing against groups but with some notorious exceptions
the 'best' and most known virus writers started out on their
own. This was in the beginning of the computer virus era
though, nowadays being a member of a group saves a lot of
effort to get to a higher level.

> 22. Of all the thousands of virii that you have come
across, do you have a few favorites that come to mind?

I 'like' the ones that show a sense of humor. I also 'respect'
viruses that are advanced on a technological level, find new
holes in system and show a original way of thinking. I don't
really 'like' the basic overwriting and/or destructive virus
and also viruses created with a well known VCK like PS-MPC
are on the bottom of the list.

--
