 |
Three Buddy ProblemA Security Conversations podcast Author: Security Conversations
The Three Buddy Problem is a popular Security Conversations podcast that goes beyond industry talking points to discuss what others wont -- nation-state malware, attribution, cyberwar, ethics, privacy, and the messy realities of securing computers and corporate networks. Hosted by three veteran security pros -- journalist Ryan Naraine and malware paleontologists Costin Raiu and Juan Andres Guerrero-Saade -- the weekly show attracts a highly engaged audience of security researchers, corporate defenders, CISOs, and policymakers. Connect with Ryan on Twitter (Open DMs). Language: en-us Genres: News, Tech News, Technology Contact email: Get it Feed URL: Get it iTunes ID: Get it |
Listen Now...
Cracking the Fast16 sabotage malware mystery
Friday, 1 May, 2026
(Presented by TLPBLACK: A cybersecurity intelligence platform focused on sharing curated, high-sensitivity threat insights and research with trusted security professionals.) Three Buddy Problem - Episode 96: We're joined by WIRED writer Andy Greenberg to dig into SentinelLabs' bombshell FAST16 research, a newly deciphered piece of sabotage malware that predates Stuxnet by five years and quietly tampered with physics modeling software likely tied to Iran's nuclear program. We discuss the attribution rabbit hole (NSA? Israel? someone else?), the eerie "spiritual warfare" implications of corrupting scientific calculations, and Antiy Labs' very dialectical Chinese rebuttal. Plus, what AI reverse-engineering means for the next decade of cyber paleontology. Cast: Andy Greenberg, Juan Andres Guerrero-Saade, Ryan Naraine and Costin Raiu. Timestamps: 0:00 - WIRED’s Andy Greenberg joins the show 1:53 - How the FAST16 scoop landed in Andy's lap 6:45 - JAGS sat on this sample for 7 years 10:33 - How Costin and the Kaspersky team missed the sabotage routine 15:20 - The "holy moly" moment: what FAST16 actually does 18:26 - Territorial Dispute, Shadow Brokers, and the driver list 24:11 - The targets: MOHID, PKPM, and LS-DYNA's link to Iran 28:13 - No C&C, no victims: a worm built for air-gapped networks 34:45 - Was this part of a larger anti-Iran toolkit? 37:55 - Attribution: NSA, Israel, or someone else entirely? 51:39 - What was the actual sabotage? Unanswered questions 55:48 - "Spiritual warfare": the psychological angle and trust in computers 1:20:05 - Equities, going public, and the case for AI-powered reversing 1:32:19 - Antiy Labs' Chinese rebuttal and the apparatchik tone 1:43:04 - Shoutouts: Sergey Mineev, LabsCon CFP, PivotCon, and Ekoparty
