Fast16: Pre-Stuxnet Sabotage Tool Was Built to Subvert Nuclear Weapons Simulations
Fast16 is a sophisticated sabotage tool discovered in 2026 that predates Stuxnet and was designed to corrupt nuclear weapons simulations involving high-explosive detonations. It specifically targets simulation software LS-DYNA and AUTODYN, tampering with results when material density exceeds 30 g/cm³, a threshold associated with uranium compression in nuclear implosions. The malware operated for years with tailored builds, remaining confined to internal networks while evading detection.
- ▪Fast16 targets simulations in LS-DYNA and AUTODYN, specifically those modeling high-explosive detonations relevant to nuclear weapon design.
- ▪The malware activates only when the simulated material density exceeds 30 g/cm³, a condition typical of uranium under shock compression in implosion devices.
- ▪It uses a rule-driven hook engine with 101 byte-pattern rules to alter simulation outputs, ensuring tampering occurs only during full-scale transient blast runs.
- ▪Up to ten distinct software builds of fast16 were developed, indicating a long-term operation that adapted to software updates over time.
- ▪Fast16 spreads within a network via share enumeration and impersonation but is designed not to propagate beyond the target network.
Opening excerpt (first ~120 words) tap to expand
Fast16: Pre-Stuxnet Sabotage Tool Was Built to Subvert Nuclear Weapons Simulations New analysis confirms the targeted applications and reveals fast16 was tailored to corrupt uranium-compression simulations central to nuclear weapon design.Threat Intelligence16 May 20268 Min ReadShareKey findingsFast16’s hook engine is selectively interested in high-explosive simulations inside LS-DYNA and AUTODYN.All evidence suggests that attackers were specifically targeting simulations of nuclear detonations.The malware checks for the density of the material being simulated and only acts when that value passes 30 g/cm³, the threshold uranium can only reach under the shock compression of an implosion device.Up to ten distinct software builds carry tailored hooks, suggesting a sustained operation that…
Excerpt limited to ~120 words for fair-use compliance. The full article is at Security.
Discussion
0 commentsMore from Security
