Someone paid more than $1.3 million for a netbook full of malware

Shawn Knight

TechSpot Staff
Staff member

Take something ordinary, slap the term “art” on it and people will pay a fortune. Or at least, that’s the lesson garnered from this story.

The Persistence of Chaos is an art project commissioned by cybersecurity firm Deep Instinct. Get this – it’s literally a 10-year-old Samsung NC10 netbook loaded with some of the world’s most malicious pieces of software that recently sold for more than $1.3 million at auction.

The piece was created by contemporary Internet artist Guo O Dong to “make physical the abstract threats posed by the digital world.” It contains six pieces of malware – ILOVEYOU, MyDoom, SoBig, WannaCry, DarkTequila and BlackEnergy – which have collectively caused financial damage totaling $95 billion.

Dong told The Verge that we have this fantasy that things that happen in computers can’t actually affect us, but this is absurd. “Weaponized viruses that affect power grids or public infrastructure can cause direct harm,” Dong added.

The laptop is “isolated and airgapped” to help prevent the malware from spreading. Engadget likens it to a grenade – so long as you don’t pull the pin out (or in this case, connect it to Wi-Fi or plug a drive into it), it should be safe.

Image credit: Virus malware by Yuttanas

Permalink to story.

 

TomSEA

TechSpot Chancellor
Seriously, that's beyond dumb. It wouldn't take much for a technology savvy person to build one of those on their own by downloading sketchy software until they'd built up this "library" of malware.
 
Last edited:
  • Like
Reactions: Mokona

EEatGDL

TS Evangelist
Damn, I've been gathering the wrong contacts; I should be friending gullible people with deep pockets.
 
  • Like
Reactions: mosu

treetops

TS Evangelist
Lol I'd love to see how the buyer showcases this piece to friends.

"This is a tooth from a saber tooth tiger, most deadly creature, apex predator of his day. Weighing in at half a ton"

"And next we have a laptop containing not one, but six of the most financially devastating pieces of malware known to man!"

~Gasp~
 
  • Like
Reactions: regiq and Steve

Nobina

TS Evangelist
The laptop is “isolated and airgapped” to help prevent the malware from spreading. Engadget likens it to a grenade – so long as you don’t pull the pin out (or in this case, connect it to Wi-Fi or plug a drive into it), it should be safe.
So whoever owns this laptop can try to get other PCs infected?
 

gollum21

TS Enthusiast
The laptop is “isolated and airgapped” to help prevent the malware from spreading. Engadget likens it to a grenade – so long as you don’t pull the pin out (or in this case, connect it to Wi-Fi or plug a drive into it), it should be safe.
So whoever owns this laptop can try to get other PCs infected?

"The sale of malware for operational purposes is illegal in the United States. As a buyer you recognize that this work represents a potential security hazard. By submitting a bid you agree and acknowledge that you’re purchasing this work as a piece of art or for academic reasons, and have no intention of disseminating any malware. Upon the conclusion of this auction and before the artwork is shipped, the computer’s internet capabilities and available ports will be functionally disabled."

Of course, you could just take the hard drive out and connect it into a network capable computer. So yes. Or save $1.3 million and download the malware on your own xD
 

Mokona

TS Rookie
Seriously, that's beyond dumb. It wouldn't take much for a technology savvy person to build one of those on their own by downloading sketchy software until they'd built up this "library" of malware.
Tech-savviness not required - I've had plenty of requests from various acquaintances to check out their PCs, because they'd been "running slow lately".

The nightmare-scenes I encountered on those computers make this look positively tame by comparison: every kind of malware, adware, rootkit, virus, keylogger, screen-logger, remote code execution platform, DNS-redirection system, Bitcoin miner, ad-injector and pretty much anything else vile you can pick up on the net.

I usually felt like a doctor looking at the bloodwork of a patient that had been prostituting themselves without protection or limitations to anyone (or groups of anyones) and anything for $5 a pop 20+ times a day for 30+ years, all while doing drugs and sharing needles with others doing the same thing.

The only solution was usually to image the hard drive to see if anything was recoverable later (without bringing anything evil along), then completely wipe EVERYTHING, reflash the BIOS and HDD controller firmware (because even those weren't always safe), throw the entire machine into a bathtub full of Clorox, then finally start over from a fresh OS image.

...even then, I would usually keep them on an isolated network connection for at least a week, logging any and all network requests coming from the system, since there are *things* that will sometimes hide in the deep dark places that are more stubborn than the worst roach infestation.

The naive layman with a spirit for adventure and a love of exotic pornography can unwittingly create monsters even a pro can't readily reproduce...

I have a drive on an isolated machine set up so I can keep safely quarantined samples for analysis, but once something goes on that machine, it never comes off. It has neither ethernet nor wifi adapter, just a DVD drive and hard drive dock to transfer things from before the docked drive is wiped or destroyed. It doesn't even have a system drive, just a collection of live DVDs to boot from (pretty much the only thing I still use optical media for - will have to update to Blu-ray some day for more space, or so I've been telling myself for years).

Schools should really teach basic internet safety right alongside sex-ed; then again, from what I hear, sex-ed is pretty woefully lacking in the US today too...
 
  • Like
Reactions: CloudCatcher

Mokona

TS Rookie
Damn, I've been gathering the wrong contacts; I should be friending gullible people with deep pockets.
Where does one even find these people?

I'll gladly make them a machine just like this for 10%, no, even as low as 1% of the price it went for - heck, I'll even 3D-print or mill them a custom case for it if they'd like, so it can truly be "one of a kind".
 

EEatGDL

TS Evangelist
Where does one even find these people?

I'll gladly make them a machine just like this for 10%, no, even as low as 1% of the price it went for - heck, I'll even 3D-print or mill them a custom case for it if they'd like, so it can truly be "one of a kind".
Art exhibitions and circles of highly pretentious and superfluous people (events/parties of "high society"). I've had some interaction with those circles because of my parents and my brother (who moves in creative/artistic circles) but I've hated those interactions.