Gardening Malware: When Code Becomes Canvas

There is a piece of software circulating right now whose only ambition is to grow vegetables. Not real ones, pixel sprouts, ASCII tendrils, generative blooms unfurling across whatever machine it infects. Natural Contacts, documented by Neural, appears to be what some call "gardening malware": a program propagating like a worm but cultivating rather than corroding. The infected system becomes a windowsill. The hard drive becomes soil.

It is a small, strange artifact, sitting at a junction that has gathered traffic for forty years. Malware is code traveling without permission. Strip away the criminal intent and you are left with a delivery mechanism, one artists have been quietly fascinated by since the floppy disk era. Natural Contacts asks an old question in a new dialect: what happens when the most aggressive form of software distribution ever invented gets pointed at beauty instead of theft?

The accidental aesthetics of early viruses

The first computer viruses were often signed. Their authors left calling cards, animations, taunts, miniature poems running when the payload triggered. The Malware Museum, co-created by archivists Jason Scott of the Internet Archive and Finnish security researcher Mikko Hyppönen and archived on the Internet Archive since 2016, preserves dozens of these from the DOS years. The Guardian's coverage noted how many specimens behaved less like weapons and more like provocative works of art: cascading characters, dancing skeletons, political slogans rendered in CGA palettes.

Most were destructive in passing, they corrupted files, slowed machines, but the visible layer was performative. Their creators worked within brutal constraints: a few kilobytes, no network, no GPU, an audience of one terrified user at a time. Within those limits they made things that still read as design. The COVID-era nostalgia for pixel art owes something to these uninvited guests.

The lineage continued into the gallery. In 2019, artist Guo O Dong and the collective MSCHF auctioned The Persistence of Chaos, a 2008 Samsung netbook loaded with six damaging viruses ever catalogued, including WannaCry and ILOVEYOU, for $1.345 million. Five years earlier, James Hoff had begun glitching audio and images using extracted code from Stuxnet and Skywiper, treating nation-state cyberweapons as a kind of corrosive pigment. WithSecure's ongoing Museum of Malware Art commissions sculptures like Araneomorph, which renders the encryption stage of a ransomware attack as a physical object, a spider mid-wrap.

What artists actually do with the code

It helps to be specific about the gradient here, because "malware art" covers at least three distinct practices, and they are not ethically equivalent.

The first is archival: collecting, defanging, and displaying historical specimens. Scott's museum runs old DOS viruses inside an emulator, where they cannot escape. This is closer to taxidermy than taxonomy, and the curatorial work is about context, explaining what the thing did, who made it, why it mattered.

The second is extractive: artists like Hoff treating malware binaries as found material, the way a collagist treats a torn poster. The code is real, but the propagation mechanism is removed. What remains is texture, the statistical fingerprint of something once weaponized.

The third is generative, and this is where Natural Contacts sits. Here the artwork is the propagation. The piece does not depict a virus; it behaves like one. This is the most interesting category and the most fraught, because the medium and the threat model are the same object.

The supply chain has become the gallery

The ethical questions around this third category have grown more complex as the attack surface for digital artists has expanded. Morphisec researchers have traced campaigns distributing the StealC infostealer through poisoned Blender model files, 3D assets artists download by the thousands from community marketplaces. TechRadar has mapped the evolution of RomCom, a backdoor spreading through fake versions of legitimate creative applications since 2022. A .blend file, a brush pack, a font, any can carry payloads exfiltrating wallets and credentials.

Against that backdrop, "gardening malware" lands differently than it would have a decade ago. The audience for Natural Contacts includes people who spent the morning scrubbing their machines after opening the wrong ZIP. The aesthetic provocation, what if the worm were kind?, runs into a practical objection: the techniques letting benign code spread without consent are the same techniques letting malicious code do it. A vulnerability does not care about the intentions of whoever found it.

The research frontier doesn't help

Academic work has made the boundary porous in both directions. Research papers have proposed convolutional GAN frameworks for generating adversarial malware samples, programs sculpted, almost literally, to slip past machine-learning detectors. Open Python libraries exist for computing adversarial attacks on Windows malware classifiers. Both project types exist for legitimate defensive reasons: you cannot harden a detector you have not tried to fool. But they describe, in peer-reviewed prose, how to make malicious code more elegant, more compressed, more evasive, more finished, than its authors could manage alone.

An artist reading those papers sees the same toolkit a criminal sees. The difference is what gets built. This is not a new dilemma, chemistry, optics, and cryptography have all lived through versions of it, but software collapses the distance between technique and deployment to nearly zero. There is no lab between writing the code and running it on someone else's machine.

A constraint worth honoring

The most defensible work in this space has tended to share one design choice: consent. The Malware Museum runs its specimens in sandboxes the visitor opts into. The Persistence of Chaos is air-gapped; its buyer agreed in writing never to connect it to a network. Araneomorph is a sculpture. Hoff's glitch images are images. The aesthetic charge of malware, its danger, its mythology, its weird folk-art lineage, can be transmitted without transmitting the malware itself.

Natural Contacts is interesting precisely because it tests that constraint. If it asks permission, it is software with a virus aesthetic. If it doesn't, it is a virus with an art defense. The work's value as cultural commentary depends on which side of that line it lands on, and the line is not rhetorical.

What these artists are cultivating is older than any of their tools. Code, like any medium, eventually attracts people who want to see what it can hold besides its intended payload. The garden metaphor is apt in a way its makers may not have meant: gardens are a negotiation with things spreading on their own. You decide what to pull and what to let bloom. The discipline is in the choosing.

References

• https://neural.it/2026/04/natural-contacts-gardening-malware
• https://en.wikipedia.org/wiki/The_Persistence_of_Chaos
• https://observer.com/2016/02/this-online-museum-lets-you-download-computer-virus-art-from-the-80s-and-90s
• https://www.techradar.com/pro/security/malicious-blender-model-files-deliver-stealc-infostealing-malware
• https://www.theguardian.com/technology/shortcuts/2016/feb/08/a-trip-to-the-malware-museum-computer-viruses-art
• https://www.techradar.com/pro/how-romcom-became-a-multipurpose-cyberweapon
• https://arxiv.org/abs/2011.01509
• https://arxiv.org/abs/2104.12848
• https://www.wired.com/2014/11/malware-art
• https://fadmagazine.com/2025/07/28/code-corruption-how-artists-transform-malware-into-masterpieces
• https://www.withsecure.com/en/experiences/museum-of-malware-art/araneomorph

Models used: gpt-4.1, claude-opus-4-7, claude-sonnet-4-20250514, gpt-image-1