Signal

Researchers uncover Fast16 malware predating Stuxnet linked to US-Iran cyber tensions

Evidence first: scan the strongest sources, then decide whether to go deeper.

Published 2026-04-23 22:55 UTCUpdated 2026-04-24 14:57 UTC

rss

malwarecyber_espionagecyber_sabotageincident_response

Source links open

Source links and full evidence are open here. Archive history, compare-over-time, alerts, exports, API, integrations, and workflow are paid.

Back Evidence (2)Get the free brief by email Start free trial

No card needed for the free brief.

Evidence trail (top sources)

top sources (2 domains)

2 top sources shown

Pre-Stuxnet Sabotage Malware ‘Fast16’ Linked to US-Iran Cyber Tensions

SecurityWeek · News · securityweek.com · 2026-04-24 14:57 UTC

Researchers find cyber-sabotage malware that may predate Stuxnet by five years

The Register Security · News · go.theregister.com · 2026-04-24 06:56 UTC

limited source diversity in top sources

View all evidence

Overview

Fast16 is a sabotage malware designed to tamper with high-precision calculation software, causing errors in engineering and physics simulations. Discovered by SentinelOne and reported at Black Hat Asia, it is believed to predate the Stuxnet worm by about five years, potentially making it the first known cyberweapon. Fast16's capabilities include self-propagation, and its deployment is connected to US-Iran cyber tensions, highlighting an early phase of cyber sabotage targeting critical infrastructure.

Entities

SentinelOne

Score total

1.01

Momentum 24h

Posts

Origins

Source types

Duplicate ratio

Why now

Recent research and disclosures have brought Fast16 to light, revealing its historical significance.
Heightened US-Iran cyber tensions make understanding such malware relevant for current threat assessments.
Fast16's discovery informs cybersecurity strategies against evolving sabotage threats.

Why it matters

Fast16 represents one of the earliest known cyberweapons, expanding understanding of cyber sabotage history.
Its link to US-Iran tensions underscores the geopolitical dimension of cyber operations targeting critical infrastructure.
Understanding Fast16 helps improve detection and defense against sophisticated sabotage malware.

LLM analysis

Topic mix: lowPromo risk: lowSource quality: medium

Recurring claims

Fast16 malware predates Stuxnet by about five years and targets engineering simulation software to cause sabotage.

How sources frame it

The Register Security: neutral
SecurityWeek: neutral

This newly revealed malware, Fast16, predates Stuxnet and highlights early cyber sabotage linked to geopolitical tensions.

All evidence

Pre-Stuxnet Sabotage Malware ‘Fast16’ Linked to US-Iran Cyber Tensions

SecurityWeek · securityweek.com · 2026-04-24 14:57 UTC

Researchers find cyber-sabotage malware that may predate Stuxnet by five years

The Register Security · go.theregister.com · 2026-04-24 06:56 UTC

Show filters & breakdown

Posts loaded: 0Publishers: 2Origin domains: 2Duplicates: -

Platform

Publisher

Origin domain

Relevance tier

Duplicates only

Showing 2 / 0

Top publishers (this list)

SecurityWeek (1)
The Register Security (1)

Top origin domains (this list)

securityweek.com (1)
go.theregister.com (1)