Researchers find cyber-sabotage malware that may predate Stuxnet by five years

Black Hat Asia Infosec outfit SentinelOne found malware that tries to induce errors in engineering and physics simulation software and therefore represents an attempt at sabotage, and suggests it was created years before the Stuxnet worm that aimed to destroy Iran’s uranium enrichment centrifuges.

The company’s Vitaly Kamluk discussed the malware in a talk at the Black Hat Asia conference today. SentinelOne has also published a blog post about the malware.

Kamluk told the conference the discovery came about after he wondered if known nation-state-espionage tools like Flame, Animal Farm, and Project Sauron were the first of their kind. All three shared use of the Lua language and virtual machine, so he went looking for similar software.

That search led to a malware sample uploaded to VirusTotal in 2016 that includes a reference to “fast16”.

Kamluk’s analysis of the sample suggested the techniques its developers employed were ...