Can computer hackers get inside your mind?

What It Covers

Cybersecurity researcher Juan Andres Guerrero-Saade (JAGS) of SentinelOne uncovers FAST 16, a mid-2000s piece of malware buried in a leaked NSA list, and uses AI-assisted reverse engineering to reveal its likely mission: sabotaging Iranian nuclear weapons calculations by corrupting high-precision physics simulations.

Key Questions Answered

• •Cyber Paleontology as Intelligence Method: Reverse engineering archived malware fragments from public repositories can reconstruct classified offensive cyber operations years after deployment. JAGS located FAST 16 using only its six-word NSA listing, then found the full code in a public malware library, demonstrating that declassified breadcrumbs can expose entire covert programs to civilian researchers.
• •AI-Assisted Reverse Engineering: When human analysis stalls on complex legacy code, deploying multiple AI models to independently verify findings accelerates breakthroughs. Researcher Vitaly Kamluk used AI models to double and triple-check his reverse engineering of FAST 16 after two weeks of isolated analysis, confirming conclusions he would not trust without machine corroboration.
• •Floating-Point Corruption as Sabotage Vector: FAST 16 targeted high-precision floating-point mathematics — a previously unseen malware category. Rather than stealing data or destroying hardware like Stuxnet, it silently altered specific six-byte values inside LS-DYNA physics simulations, producing consistently wrong pressure calculations while leaving all system diagnostics appearing completely normal.
• •Epistemological Warfare via Consistent Wrong Answers: FAST 16 was designed to spread across networked computers and return identical incorrect results on every machine, ensuring scientists who cross-checked their work encountered the same errors everywhere. This approach shifts suspicion from the computers to the scientists themselves, eroding institutional confidence in personnel rather than triggering technical investigations.
• •Stuxnet-Era Cyber Weapons Shared Architecture Without Shared Code: FAST 16 and Stuxnet originate from the same mid-2000s period and share similar structural architecture despite containing no overlapping code. Recognizing architectural fingerprints — not just code signatures — is a more reliable method for attributing cyber weapons to the same state-level development program or intelligence community.