SentinelOne researchers have identified a piece of malware called FAST16 that may predate Stuxnet by approximately five years, potentially making it the first known cyberweapon. Discovered via a VirusTotal sample uploaded in 2016 and cross-referenced with the ShadowBrokers NSA leak, FAST16 is believed to have been created around 2005. It only runs on Windows XP with a single-core CPU, and deploys a driver that corrupts floating-point calculations in high-precision engineering simulation software — specifically targeting LS-DYNA 970, PKPM, and MOHID, tools used in civil engineering, physics, and environmental modeling. Iran reportedly used LS-DYNA in its nuclear weapons program. Researchers suggest FAST16 was designed to silently introduce errors into engineering calculations, potentially causing real-world physical consequences. The discovery was presented at Black Hat Asia by SentinelOne's Vitaly Kamluk.
Sort: