"compiled in 2005. ( guerrero - saade declined to say who had uploaded the code to virustotal, because virustotal discourages users from trying to identify uploaders. ) yet in spite of guerrero - saade ' s discovery, it would take seven more years for anyone to determine what fast…"
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1588.002Tool
77%
"related malware. “ this is designed to be a long - term, very subtle sabotage which probably would be very, very difficult to notice. ” searching for software that met the criteria of fast16 ' s “ rules ” for an intended sabotage target, kamluk and guerrero - saade found their th…"
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1588.002Tool
65%
"nightmare, to be honest. ” in their analysis of fast16, kamluk and guerrero - saade found three potential types of physical simulation software that the malware might have been designed to tamper with : modelo hidrodinamico ( or mohid ) software created by portuguese developers f…"
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1588.002Tool
60%
"newly deciphered sabotage malware may have targeted iran ’ s nuclear program — and predates stuxnet in the history of state - sponsored hacking, the spectrum of cyber operations bent on sabotage have ranged from crude “ wiper ” attacks that destroy data on target computers to the…"
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1588.002Tool
48%
"even from the beginning, ” says rid. “ and it also looks like they were much stealthier than we understood. ” “ nothing to see here — carry on ” the mystery of fast16 first came to light in april of 2017, after the still - unidentified hacker group known as shadow brokers somehow…"
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1055.001Dynamic-link Library Injection
31%
"piece of code with very different intentions. using what was referred to within the code as “ wormlet ” functionality, fast16 is designed to copy itself to other computers on the network via windows ’ network share feature. it checks for a list of security applications, and if no…"
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1588.002Tool
30%
"an nsa leak in 2017. the sentinelone researchers have now reverse - engineered the fast16 code, which they say dates back to 2005 and was likely created by either the us government or one of its allies. kamluk and guerrero - saade have determined that the fast16 malware was desig…"
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
Summary
Researchers have finally cracked Fast16, mysterious code capable of silently tampering with calculation and simulation software. It was created in 2005—and likely deployed by the US or an ally.