Hajime (malware)

Hajime (Japanese for "beginning") is malware that resembles the Wifatch malware in that it appears to attempt to secure the devices it infects.[5] According to various researchers, Hajime is also far more advanced than Mirai.[6]

Hajime[1]
Written in: C[2]
Operating system: Linux[3]
Type: Botnet[4]

Malware

Researchers who have studied Hajime describe it as a worm.[7] It appears to have been discovered as early as October 2016.[8]

Later, in April 2017, Hajime received extensive media coverage because it appeared to be competing with Mirai.[9] A number of reports drew the comparison and noted that it appeared to have a similar purpose to Linux.Wifatch.[10] It did not contain any modules or tools for denial-of-service attacks, only methods for extending its reach.[11]

Researchers also discovered hand-written assembly code targeting several specific platforms.[12]

Hajime is similar to Mirai in how it compromises systems.[13] One key difference from Mirai is that it uses a peer-to-peer network for communications.[14]

Also noted was the message the malware left on systems it compromised.[15] The message, displayed on the terminals of systems compromised by Hajime, is shown below.[16]

Just a white hat, securing some systems.
Important messages will be signed like this!
Hajime Author.
Contact CLOSED Stay sharp!

[17]

References

  1. Arghire, Ionut (April 26, 2017). "Mysterious Hajime Botnet Grows to 300,000 IoT Devices: Kaspersky". securityweek.com. Retrieved 14 October 2017.
  2. Cimpanu, Catalin (October 18, 2016). "Hajime IoT Worm Considerably More Sophisticated than Mirai". Softpedia. Retrieved 13 October 2017.
  3. Kan, Michael (April 17, 2017). "IoT malware clashes in a botnet territory battle". PC World. Retrieved 13 October 2017.
  4. Leyden, John (27 April 2017). "Mysterious Hajime botnet has pwned 300,000 IoT devices". The Register. Retrieved 14 October 2017.
  5. Grange, Waylon (18 April 2017). "Hajime worm battles Mirai for control of the Internet of Things". Symantec. Retrieved 13 October 2017.
  6. Paganini, Pierluigi (April 20, 2017). "Symantec is monitoring the Hajime IoT malware, is it the work of vigilante hacker?". securityaffairs.co. Retrieved 13 October 2017.
  7. Vatu, Gabriela (April 21, 2017). "IoT Malware Hajime Fights Against Mirai, Tries to Secure Devices". Softpedia. Retrieved 13 October 2017.
  8. Vatu, Gabriela (April 27, 2017). "Vigilante IoT Worm Hajime Infects 300,000 Devices". Softpedia. Retrieved 13 October 2017.
  9. Spring, Tom (April 21, 2017). "Mirai and Hajime Locked Into IoT Botnet Battle". threatpost. Retrieved 13 October 2017.
  10. Cimpanu, Catalin (April 19, 2017). "Vigilante Hacker Uses Hajime Malware to Wrestle with Mirai Botnets". Bleeping Computer. Retrieved 13 October 2017.
  11. Millman, Rene (April 28, 2017). "Hajime malware now has 300,000 strong botnet at disposal say researchers". scmagazineuk.com. Retrieved 13 October 2017.
  12. Edwards, Sam; Profetis, Ioannis (16 October 2016). "Hajime: Analysis of a decentralized internet worm for IoT devices" (PDF). rapiditynetworks.com. Retrieved 14 October 2017.
  13. Arghire, Ionut (April 20, 2017). "White Hat Hacker Created Mysterious IoT Worm, Symantec Says". securityweek.com. Retrieved 14 October 2017.
  14. Khandelwal, Swati (April 26, 2017). "Hajime 'Vigilante Botnet' Growing Rapidly; Hijacks 300,000 IoT Devices Worldwide". thehackernews.com. Retrieved 14 October 2017.
  15. "Hajime Botnet – Friend or Foe?". radware.com. 26 April 2017. Retrieved 14 October 2017.
  16. Khandelwal, Swati (April 19, 2017). "To Protect Your Devices, A Hacker Wants to Hack You Before Someone Else Does". thehackernews.com. Retrieved 14 October 2017.
  17. Paganini, Pierluigi (April 27, 2017). "The Hajime Botnet continues to grow and implements a new attack technique". securityaffairs.co. Retrieved 14 October 2017.
This article is issued from Wikipedia. The text is licensed under Creative Commons - Attribution - Sharealike. Additional terms may apply for the media files.