Researchers have newly deciphered a piece of malware known as Fast16, identifying it as a covert tool for sabotaging calculation and simulation software. First surfaced through findings disclosed in 2017, the malware dates back to 2005 and is believed to have been developed by the US or its allies.
Vitaly Kamluk and Juan Andrés Guerrero-Saade from SentinelOne have recently provided details on Fast16, noting that it’s engineered to subtly alter high-precision mathematical calculations. By infiltrating networks and manipulating software applications, it can lead to faulty research outcomes or even catastrophic failures in critical equipment.
The malware specifically targets simulation software, including:
- Modelo Hidrodinâmico (MOHID) for water systems
- PKPM, which is used in construction engineering
- LS-DYNA, important for modeling physics problems related to nuclear weapon research
There’s particular interest in LS-DYNA, as it has been utilized by Iranian scientists possibly involved in the country’s nuclear program. This raises the prospect that Fast16 may have been a precursor to Stuxnet, the malware famously deployed in 2007 by the US and Israel to disrupt Iran’s nuclear capabilities.
Fast16 exemplifies a significant advancement in cybersabotage techniques, bringing to light the potential for stealthy operations predating known incidents like Stuxnet. Kamluk expressed concerns over the implications of such technology, especially regarding the trustworthiness of critical safety systems.
Fast16 came to prominence through a 2017 leak by the hackers known as Shadow Brokers, which contained a variety of NSA tools, among them one labeled "Territorial Dispute." That tool indicated that Fast16 was not something NSA operators should interfere with. After Fast16 had spent several years in obscurity, Guerrero-Saade discovered a sample, revealing that it was not merely a rootkit but a sophisticated tool capable of self-propagation within networks.
Kamluk and Guerrero-Saade’s analysis suggests that Fast16 could have been employed in a covert operation against Iran’s ambition to obtain nuclear weapons, in line with a broader cyber strategy against Iran’s nuclear initiatives.
As the researchers emphasize the nuanced and potentially dangerous capabilities of Fast16, it serves as a reminder that cyber warfare techniques have been evolving for much longer than previously understood. The revelation also raises concerns about the security and reliability of the countless critical systems that depend on precise computational results, and underlines the need to scrutinize technological trust, especially within high-stakes environments.