A laptop deliberately infected with six notorious strains of malware, including WannaCry and ILoveYou, is being auctioned in the US as an art project.
At time of writing, the highest bid for the device was $1.1m (£800,000).
The auction states that the Samsung laptop’s internet connectivity will be disabled when the device is shipped to the auction winner.
The 11-year-old Notebook has been air-gapped – a security measure to isolate it from other networks.
It is illegal in the US to sell malware for the purpose of causing damage.
The terms and conditions of the auction state that the laptop must be purchased “as a piece of art or for academic reasons”.
The auction ends on Wednesday.
The project is a collaboration between the artist Guo O Dong and a New York cyber-security company called Deep Instinct.
“We came to understand this project as a kind of bestiary, a catalogue of historical threats,” Guo told Vice.
“It’s more exciting to see the beasts in a live environment.”
The six strains of malware on the laptop are:
- WannaCry – the ransomware that hit the NHS in 2017
- ILoveYou – released in the year 2000, this infected 50 million computers in two weeks, including at the CIA, Pentagon and UK Parliament
- MyDoom – a rapid-spreading 2004 Windows email worm that looked like an error message
- SoBig – when this was discovered, in 2003, one security company told BBC News one in 17 emails it was seeing was carrying the virus
- DarkTequila – a keylogger malware designed to steal financial data and log-in credentials
- BlackEnergy – used to attack Ukraine’s power grid in 2016
The auction has bemused some cyber-security experts.
“If you want to save a million dollars, you could connect a laptop to the internet without antivirus software and security patches and leave it a few days for a similar infestation,” said Kevin Beaumont.
Source: Would you pay $1m for a laptop full of malware? – BBC News