20-Year-Old Malware Rewrites History of Cyber Sabotage

SentinelOne researchers have uncovered a malware framework called 'fast16' dating back to 2005, predating Stuxnet by five years and rewriting the history of state-sponsored cyber sabotage. Unlike Stuxnet, which physically damaged centrifuges, fast16 worked by injecting near-imperceptible errors into high-precision mathematical computations used in engineering and scientific software like LS-DYNA, PKPM, and MOHID. It used a Lua scripting engine and a 'cluster munition' delivery mechanism to spread wormlets across target networks. The malware was found referenced in ShadowBrokers-leaked NSA documents and had been sitting on VirusTotal largely undetected for over a decade. While fast16 only runs on obsolete Windows XP uniprocessor systems and cannot execute on modern hardware, researchers warn the underlying attack vector — corrupting high-precision calculations — remains relevant today in domains like financial trading and AI model training. Attribution remains unclear, though researchers assess it as likely nation-state work.