Screenshot of MS-DOS-based 'Crash' virus, via Malware Museum

Design and tech industries often like to paint themselves as heroes. We are promised a future of smart cities, self-driving cars, and friendly refrigerators built on a fully networked, data-driven global infrastructure, all brought to us by the kind of innovation that only design can deliver.

Yet the systems created in the name of connectivity are the very same systems that capitalize, spy, and exert control over users. Or, they’re systems that can be hacked and held for ransom. “The more dependent we are on technology, the more vulnerable we are,” says Bas van de Poel, who, together with Marina Otero Verzier, is curator of Malware, a new exhibition on computer viruses at the Het Nieuwe Institute in the Netherlands. The show casts malware creation as a form of design practice, and in telling the recent history of computer viruses it calls into question our compulsion towards networked productivity and tech-driven efficiency.

“Looking at the history of malware puts the smart city ecosystem in another light,” continues van de Poel. “Take self-driving cars, for instance. When you imagine malware in them, they suddenly become deadly weapons.” We don’t have to simply imagine the devastating potential of malware, though—the effects of a virus in a networked society are already very tangible. Take the 2017 NotPetya cyberattack: the global attack deeply affected Ukraine, bringing down its airports, power plants, hospitals, banks, and more. Within just a few hours, NotPetya spread to countless machines and crippled multinational companies, eventually accumulating $10 billion in damages. And this nightmarish, destructive malware was exceedingly effective in its intent. Indeed, it was a very sophisticated piece of design.

Brain, from Malware at the Het Nieuwe Instituut

Malware charts viruses from their prankish, naive origins to their development as digital artillery in geopolitical cyberwar. “With early DOS viruses, we see the design practice quite literally in the form of visual output,” says van de Poel. “When you were infected by one of them, they’d often showcase a graphical display on your screen. And today, viruses are designed with very sophisticated codes that are difficult to breach. The design is less explicit, and more implicit.” For the viruses that are more implicit, van de Poel and Tomorrow Bureau have created video artworks to visually represent the way their codes sneak through computers undetected. Early malware with front-facing design—examples from the memorable heyday of Windows in the late ’90s—are displayed in their original format.

The show begins with the very first public computer virus in 1986. Called Brain, it was initially developed without any malicious intent by two brothers in Pakistan named Basit Farooq Alvi and Amjad Farooq Alvi. According to the pair, they wrote the virus in order to track pirated copies of medical heart monitoring software they had developed. Once an unauthorized user inserted the infected floppy disk into their drive, a message would appear on the screen alongside the brothers’ address and phone numbers: “BEWARE OF THE.. er VIRUS,” it read. “Contact us for vaccination.” The code slows down the floppy disk drive and makes seven kilobytes of memory unavailable. Unexpectedly, it infected hundreds of machines, causing panic as users realized for the first time just how easily their private machines could be infiltrated.

Screenshot of MS-DOS-based ‘Mars G’ virus, via Malware Museum

And so Pandora’s Box was opened. After Brain spread into the world, others began to experiment with the possibilities and visual aesthetics of DOS viruses. Rivalries bubbled up between virus writers on community bulletin boards, each attempting to create the most hilarious, most unexpected “gotcha” moment to infuriate and bamboozle helpless computer users. The LSD Virus displayed a high-res swirl of colors that took the user on a beautiful trip while it trashed their DOS so that it wouldn’t boot again. Mars G, designed by the notorious French writer Spanska, played a 3D-rendered red and black landscape of hills and grooves as it tampered with a user’s files. “They’re really beautiful artworks,” says van de Poel.

In 1992, one of the earliest manifestations of hacktivism appeared in the form of a DOS virus. It inserted the text string, “CoffeeShop,” into infected files, prompting the message “LEGALIZE CANNABIS” accompanied by an 8-bit marijuana leaf to appear on the screen. Another example of a virus with an activist-bent was The Terminator, which was developed by Chinese hackers to radically slow down an infected computer. “The idea is that the virus is telling the user, ‘you’ve already worked enough today,’” says van de Poel. “In a way, the malware is a form of resilience in a productivity-chasing society. Nowadays, we download an app for meditative moments. But back in the ’90s, you could argue that viruses provided those moments. Willingly or not…”

Screenshot of Coffeeshop DOS virus. Image courtesy of Malware at the Het Nieuwe Instituut

As technology developed, virus writers had to find new ways of convincing unsuspecting users to open their files. The first wildly successful mass-mailing worm appeared in 1999. Called Melissa, it spread via email and infected Windows machines, causing more than $80 million in damages to American companies. Recipients opened an attachment believing that it was sent by an acquaintance, but once they downloaded and ran the file, they spread it to 50 more contacts from their address book. Melissa’s designer, David L. Smith, named the malware after his favorite lap dancer. In the Het Nieuwe Institute’s exhibition, a rendering of a pole-dancer rotating on a screen represents the malware, personifying the virus as if it were a glamorous siren.

In the years after Mellissa, computer worm innovators played with more and more social engineering techniques for convincing unsuspecting users to open attachments. In 2000, the ILOVEYOU or “Love Letter” worm was especially effective, distributing an enticing file entitled “ILOVEYOU.” How could you not open the attachment? “Social engineering to this day still plays a really important role in employment of viruses,” says van de Poel. “Time after time we see that humans are the weakest link when it comes to cyber security.”

Still from Melissa interpretation by as Bas van de Poel and Tomorrow Bureau. Image courtesy of Malware at the Het Nieuwe Instituut

In the late ’90s and early 2000s, worm generators made it easier than ever to create a virus. The notorious Anna Yournikova worm of 2001, which also spread by sending emails to contacts in a victim’s address book, was designed via a generator. Its subject line enticed users with nothing other than the mysterious sentence, “Here you have, ;0)”. The attached file—AnnaKournikova.jpg.vbs—didn’t open a picture of the tennis player as expected, but instead unleashed a viral Visual Basic Script (which allows the virus to run throughout the Microsoft architecture with considerable reach). Like ILOVEYOU, the file didn’t corrupt data on a computer—it just spread and perpetuated itself. Its creator Jan de Wit was sentenced to 150 hours of community service after being tracked down by the FBI, assisted by none other than Melissa writer David L. Smith, who was serving his own sentence.

“The mayor of de Wit’s home town assumed that he must be a genius wiz kid or something, but he created Anna Yournikova with just a generator,” says van de Poel. “It was very easy to create, but he was offered a job at the local government afterwards.”

Still from Kenzero interpretation Bas van de Poel and Tomorrow Bureau. Image courtesy of Malware at the Het Nieuwe Instituut

Malware tracks other innovative uses of social engineering, including techniques used by the writers of ransomware. The exhibition takes the 2010 case of Kenzero, a particularly devious example of blackmail in which a virus hid inside explicit Hentai anime video files and spread peer-to-peer. The file took screenshots of the user’s browser history—including all the porn sites they had visited—and published it online. In order to remove the information from the internet, a victim had to hand over personal information and make a credit card payment. For Malware, an animation featuring blurred Hentai images and 3D Japanese lettering recreates the flustering effect of Kenzero on a user.

To complete the show’s narrative arc, 2009’s Stuxnet has also been interpreted as a video artwork on display. The worm was designed to attack computers that controlled Iran’s uranium enrichment facility in Natanz, which international authorities suspected was the site of a nuclear weapons program. The attack targeted Microsoft Windows operating systems and spread via an infected USB flash drive.It went unnoticed and appeared as part of a loop of normal commands. Stuxnet is believed to have been the costliest development in malware history, and it’s widely assumed that the U.S. and Israeli governments were behind its operation. Using a collage of news stories, archival images, and digital renderings, the exhibition’s video conveys malware’s function in a broad geopolitical context.

Still from Melissa interpretation by Tomorrow Bureau and Bas van de Poel. Image courtesy of Malware at the Het Nieuwe Instituut

“If you think about how embedded technology is becoming, these examples paint quite a dark side of design and its potential future,” says van de Poel. “We’ve started to embed more and more technology onto and into our bodies, for example. There have already been instances where malware has been found on pacemaker devices. Former vice president Dick Cheney alters the software in his pacemaker because he’s afraid of it being remotely hacked.”

The trajectory that Malware charts is a design history of sorts—one fashioned by the output of pranksters, provocateurs, pirates, and politicians. It’s a history of interventions, of design at odds with efficiency and hyper-productivity. Or, it’s a history of technological advancements driven purely by the spirit of destruction, whether for activist purposes, purely anarchic ones, financial bounties, or cyber warfare.