Coming across with one of the most malware infected device in the world, one would think that the owner should throw the device away and wish that his data was not stolen and the infection would end. But that is not the case with a laptop that is infected with so much malware – the world’s nastiest ones – that some people call art for its own merits.
And people are willing to pay hefty amounts of money; even millions of dollars to earn possession of the infamous “art piece.”
The admired Samsung netbook that is currently in an auction has been infected with six infamous pieces of malware is now technically considered an art piece called “The Persistence of Chaos.” It is not an ordinary art project, however. According to reports, the art project is a collaboration between Guo O Dong, a Chinese internet artist, and security firm Deep Instinct, with bidding currently running at $1.13 million (around £900,000, AU$1.65 million) at the time of writing.
The six pieces of malware installed are WannaCry, BlackEnergy, ILoveYou, MyDoom, SoBig, and DarkTequila – each of which has earned notoriety for scamming huge amounts of money from their victims.
But of course, the intention of the installation isn’t to infect other devices and networks, so the Samsung netbook has been air-gapped (meaning it isn’t connected to the internet or anything else) to prevent any spread of these nasty pieces of malware. The auctioneers note these malware infections have caused a total estimated financial damage of around $95 billion (£75 billion, AU$140 billion) over the years. All the PC’s ports will be disabled post-auction, too.
Etienne Greeff, CTO, and co-founder of SecureData, raised an interesting point on the potential reaction from the shady world of malware peddlers and cybercriminals.
“Somewhere in Russia, a hacker is wondering how he only made a measly $300,000 from his ransomware attack when he could have made $1,000,000 selling it as art. Where there is muck, there is money […] However, there’s really no value in paying $1,000,000 for what we already know. Malware is malicious, and the people writing it are even more so. I wonder if the guy creating the installation got permission from the authors. If not, and if I were them, I would be very, very careful about how I use my computer in the future.”
Persistence of Malware
Malware is considered one of the most destructive cyberwarfare tool in existence. As mentioned, more than $95 billion has been scammed out of people’s pocket from all the six malware that infected the art/laptop alone, and there is other malware out there that have also gained notoriety especially in the recent days.
The malware found in The Persistence of Chaos piece is windows strains of the malware. However, Windows OS is not the only operating system that is being targeted by malware. Recently, researchers have found a Linux version of a malware used by Chinese hackers in the high-profile cybercrime against a Vietnamese game company in 2015.
Winnti’s Linux version was discovered by researchers from Google’s Chronicle, and they have a lot to say regarding their discovery.
“As with other versions of Winnti, the core component of the malware doesn’t natively provide the operators with distinct functionality. This component is primarily designed to handle communications and the deployment of modules directly from the command-and-control servers. During our analysis, we were unable to recover any active plugins. However, prior reporting suggests that the operators commonly deploy plugins for remote command execution, file exfiltration, and socks5 proxying on the infected host. We expect similar functionality to be leveraged via additional modules for Linux,” the team said regarding the discovered malware.
Of course, as the persistence of malware attacks grew over time, law enforcement and cybersecurity experts have been doubling their effort to fight against infections and those people who deliberately cause them. Recently, ten Europeans were indicted for spearheading a series of malware attacks against American companies and institutions across all sectors. The victims of the malware attacks included a Washington law firm, a church in Texas, a furniture business in California and a casino in Mississippi.
Officials reveal that the malware in the current court case has infected more than 41,000 computers by disguising as legitimate messages or invoice and was sent as spam emails. Once the email was opened, hackers will be able to record all keystrokes in the infected computer, sweeping data like baking information and wire money away from the victim’s account.