Fast16: Pre-Stuxnet sabotage malware that quietly poisoned scientific calculations

Researchers have reverse-engineered Fast16, a piece of malware that predates Stuxnet and appears to have been deployed against Iranian targets years earlier. The code bears the fingerprints of a nation-state operation, with US origin considered the most likely attribution given the target set and timing.

What sets Fast16 apart is its method of sabotage. Rather than destroying systems outright, it spread across networks and then silently tampered with the output of software that performs high-precision mathematical computation and physical simulation. By corrupting numerical results inside trusted scientific and engineering applications, the malware could degrade research quality or push real-world equipment toward catastrophic failure without leaving obvious indicators.

The technique represents an unusually patient strain of offensive tradecraft: the payload does not announce itself, and the damage manifests downstream in experiments, models, and physical processes rather than in the compromised host. It reframes Stuxnet as a successor rather than a starting point in the lineage of state-built sabotage tooling.