Hajime (malware)
Written in | C[2] |
---|---|
Operating system | Linux[3] |
Type | Botnet[4] |
Hajime (Japanese for "beginning") is a malware which appears to be similar to the Wifatch malware in that it appears to attempt to secure devices.[5] Hajime is also far more advanced than Mirai, according to various researchers.[6]
The top countries infected by the malware were Iran, Brazil, Vietnam, Russia and Turkey, followed by India, Pakistan, Italy and Taiwan.[7]
Malware
[edit]Hajime is a worm according to sources which have placed research on the subject.[8] It appears to have been discovered as early as October 2016.[9]
Later in April 2017, Hajime generated large media coverage as it appeared to be in competition with Mirai.[10] This led to a number of reports which compared and noted that it appeared to have a similar purpose to Linux.Wifatch.[11] It also did not contain any modules or tools for denial of service attacks, but instead only contained methods for extending its reach.[12]
Hand written assembly code specifically for several platforms was also discovered by researchers as well.[13]
Hajime is similar to Mirai in its method of how it manages to compromise systems.[14] One of the key differences with Mirai is that it uses a peer-to-peer network for communications.[15][16]
What was also noted was the message the malware left on systems it compromised.[17] The message left on systems compromised by Hajime displayed on terminals is shown below.[18]
Just a white hat, securing some systems. |
Important messages will be signed like this! |
Hajime Author. |
Contact CLOSED Stay sharp! |
See also
[edit]- BASHLITE – another notable IoT malware
- Denial-of-service attack
- Linux malware
- Linux.Darlloz – another notable IoT malware
- Remaiten - another IoT DDoS bot
References
[edit]- ^ Arghire, Ionut (April 26, 2017). "Mysterious Hajime Botnet Grows to 300,000 IoT Devices: Kaspersky". securityweek.com. Retrieved 14 October 2017.
- ^ Cimpanu, Catalin (October 18, 2016). "Hajime IoT Worm Considerably More Sophisticated than Mirai". Softpedia. Retrieved 13 October 2017.
- ^ Kan, Michael (April 17, 2017). "IoT malware clashes in a botnet territory battle". PC World. Retrieved 13 October 2017.
- ^ Leyden, John (27 April 2017). "Mysterious Hajime botnet has pwned 300,000 IoT devices". The Register. Retrieved 14 October 2017.
- ^ Grange, Waylon (18 April 2017). "Hajime worm battles Mirai for control of the Internet of Things". Symantec. Retrieved 13 October 2017.
- ^ Paganini, Pierluigi (April 20, 2017). "Symantec is monitoring the Hajime IoT malware, is it the work of vigilante hacker?". securityaffairs.co. Retrieved 13 October 2017.
- ^ "300,000 obeying devices: Hajime is conquering the Internet of Things world". kaspersky.com. 26 May 2021.
- ^ Vatu, Gabriela (April 21, 2017). "IoT Malware Hajime Fights Against Mirai, Tries to Secure Devices". Softpedia. Retrieved 13 October 2017.
- ^ Vatu, Gabriela (April 27, 2017). "Vigilante IoT Worm Hajime Infects 300,000 Devices". Softpedia. Retrieved 13 October 2017.
- ^ Spring, Tom (April 21, 2017). "Mirai and Hajime Locked Into IoT Botnet Battle". threatpost. Retrieved 13 October 2017.
- ^ Cimpanu, Catalin (April 19, 2017). "Vigilante Hacker Uses Hajime Malware to Wrestle with Mirai Botnets". Bleeping Computer. Retrieved 13 October 2017.
- ^ Millman, Rene (April 28, 2017). "Hajime malware now has 300,000 strong botnet at disposal say researchers". scmagazineuk.com. Retrieved 13 October 2017.
- ^ Edwards, Sam; Profetis, Ioannis (16 October 2016). "Hajime: Analysis of a decentralized intern et worm for IoT devices" (PDF). rapiditynetworks.com. Archived from the original (PDF) on 30 December 2016. Retrieved 14 October 2017.
- ^ Arghire, Ionut (April 20, 2017). "White Hat Hacker Created Mysterious IoT Worm, Symantec Says". securityweek.com. Retrieved 14 October 2017.
- ^ Khandelwal, Swati (April 26, 2017). "Hajime 'Vigilante Botnet' Growing Rapidly; Hijacks 300,000 IoT Devices Worldwide". thehackernews.com. Retrieved 14 October 2017.
- ^ "Hajime, the mysterious evolving botnet". securelist.com. 25 April 2017.
- ^ "Hajime Botnet – Friend or Foe?". radware.com. 26 April 2017. Retrieved 14 October 2017.
- ^ Khandelwal, Swati (April 19, 2017). "To Protect Your Devices, A Hacker Wants to Hack You Before Someone Else Does". thehackernews.com. Retrieved 14 October 2017.
- ^ Paganini, Pierluigi (April 27, 2017). "The Hajime Botnet continues to grow and implements a new attack technique". securityaffairs.co. Retrieved 14 October 2017.