An old Samsung laptop running 6 pieces of malware that have caused financial damages totaling $95B has been on sale for a price of $1.2 Million.

"The Persistence of Chaos" is an art project made by Beijing-based artist Guo O Dong and New York-headquartered "deep learning" cybersecurity vendor Deep Instinct.

The laptop, cureently running somewhere in NY and livestreamed here, is isolated and airgapped to prevent against spread of the malware. In terms of hardware, it is a Samsung NC10-14GB 10.2-Inch Blue Netbook (2008) running Windows XP SP3, loaded with 6 pieces of malware:

• The ILOVEYOU virus, distributed via email and file sharing, affected 500,000+ systems and caused $15B in damages total, with $5.5B in damages being caused in the first week.
• MyDoom, potentially commissioned by Russian e-mail spammers, was one of the fastest spreading worms. It's projected that this virus caused $38B in damages.
• SoBig was a worm and trojan that circulated through emails as viral spam. This piece of malware could copy files, email itself to others, and could damage computer software/hardware. This piece of malware caused $37B in damages and affected hundreds of thousands of PCs.
• WannaCry was an extremely virulent ransomware cryptoworm that also set up backdoors on systems. The attack affected 200,000+ computers across 150 countries, and caused the NHS $100M in damages with further totals accumulating close to $4B.
• A sophisticated and evasive piece of malware that targeted users mainly in Latin America, DarkTequila stole bank credentials and corporate data even while offline. DarkTequila costed millions in damages across many users.
  BlackEnergy
• BlackEnergy 2 uses sophisticated rootkit/process-injection techniques, robust encryption, and a modular architecture known as a "dropper". BlackEnergy was used in a cyberattack that prompted a large-scale blackout in Ukraine in December 2015.

At least the shipping is free and there are no fees for bidding in the auction.

The sale of malware for operational purposes is illegal in the United States. As a buyer, you should recognize that this work represents a potential security hazard. By submitting a bid you agree and acknowledge that you’re purchasing this work as a piece of art or for academic reasons, and have no intention of disseminating any malware. Upon the conclusion of this auction and before the artwork is shipped, the computer’s internet capabilities and available ports will be functionally disabled.

There is a further disclaimer though, which confirms that the malware files will "come encrypted and locked with specific instructions to unencrypt" but goes on to remind the buyer they are both live and dangerous samples which should be run "in a VM (virtual machine) which has no internet connection. Running them unconstrained means that you will infect yourself or others with vicious and dangerous malware."