Andy Greenberg

Writer for WIRED. Author of SANDWORM. New book, TRACERS IN THE DARK: The Global Hunt for the Crime Lords of Cryptocurrency, out now. [email protected]
Website: https://andygreenberg.net/
WIRED page: https://www.wired.com/author/andy-greenberg/
Birdsite: https://twitter.com/a_greenberg
Bluesky: @agreenberg.bksy.social
Regardless of whether Fast16 was used against Iran—which remains just a theory—it rewrites the history of cybersabotage operations. And should maybe change our ideas, too, of who can/should trust the results of life-critical calculations on their computers.
One of the types of code it appears designed to target is the modeling program LS-DYNA. Significantly, LS-DYNA has been used by Iranian research scientists who may have contributed to nuclear weapons research. Problems like modeling the properties of different explosives that can trigger warheads.
Now he and his colleague Vitaly Kamluk have cracked it: Fast16 is designed to spread on networks, then tamper with the processes of specific calculation software that models complex physical phenomena, everything from oil spills to bird/airplane collisions.
Only in 2019 did @juanandres_gs find the actual code for Fast16, which dated all the way back to 2005, through some clever hunting on the malware repository VirusTotal. It took seven more years for anyone to figure out what it actually did.
Fast16 has been a mystery since it was named in the ShadowBrokers leak of NSA tools in 2017: A program that advised agency hackers how to deal with other malware they encountered merely notes for Fast16: "NOTHING TO SEE HERE - CARRY ON," suggesting it was created by the US or a friendly country.
A newly decoded piece of sabotage malware called Fast16, created even before Stuxnet, was designed to silently tamper with/corrupt calculations in research and engineering software. Likely created by the US or an ally, and possibly used against Iran's nuclear program. https://www.wired.com/story/fast16-malware-stuxnet-precursor-iran-nuclear-attack/
Newly Deciphered Sabotage Malware May Have Targeted Iran’s Nuclear Program—and Predates Stuxnet

Researchers have finally cracked Fast16, mysterious code capable of silently tampering with calculation and simulation software. It was created in 2005—and likely deployed by the US or an ally.

WIRED