Newly Deciphered Sabotage Malware May Have Targeted Iran's Nuclear Program
- #malware
- #cybersecurity
- #state-sponsored hacking
- Fast16 is a 21-year-old piece of malware, discovered by SentinelOne researchers, that sabotages research and engineering software by subtly altering calculations, leading to failures or incorrect results.
- The malware targets high-precision simulation software such as MOHID, PKPM, and LS-DYNA, potentially used in Iran's nuclear program before Stuxnet.
- Fast16 self-spreads via a 'wormlet' feature and uses a kernel driver to manipulate applications without detection, making it a stealthy, long-term sabotage tool.
- The malware was first revealed in a 2017 NSA leak and later found in VirusTotal archives, with its purpose remaining unknown until reverse-engineered in 2024.
- Researchers suggest Fast16 may be part of the 'Olympic Games' cyber operation, targeting Iran's AMAD nuclear project, indicating early, deceptive state-sponsored hacking.
- Its discovery shows that sophisticated cybersabotage techniques existed earlier than previously thought, raising concerns about trust in computer systems for critical safety applications.