Hajime (malware) explained

Hajime[1]
Programming Language:C[2]
Operating System:Linux[3]
Genre:Botnet[4]

Hajime (Japanese for "beginning") is a malware which appears to be similar to the Wifatch malware in that it appears to attempt to secure devices.[5] Hajime is also far more advanced than Mirai, according to various researchers.[6]

The top countries infected by the malware were Iran, Brazil, Vietnam, Russia and Turkey, followed by India, Pakistan, Italy and Taiwan.[7]

Malware

Hajime is a worm according to sources which have placed research on the subject.[8] It appears to have been discovered as early as October 2016.[9]

Later in April 2017, Hajime generated large media coverage as it appeared to be in competition with Mirai.[10] This led to a number of reports which compared and noted that it appeared to have a similar purpose to Linux.Wifatch.[11] It also did not contain any modules or tools for denial of service attacks, but instead only contained methods for extending its reach.[12]

Hand written assembly code specifically for several platforms was also discovered by researchers as well.[13]

Hajime is similar to Mirai in its method of how it manages to compromise systems.[14] One of the key differences with Mirai is that it uses a peer-to-peer network for communications.[15]

What was also noted was the message the malware left on systems it compromised.[16] The message left on systems compromised by Hajime displayed on terminals is shown below.[17]

Just a white hat, securing some systems.
Important messages will be signed like this!
Hajime Author.
Contact CLOSED Stay sharp!
[18]

See also

Notes and References

  1. Web site: Mysterious Hajime Botnet Grows to 300,000 IoT Devices: Kaspersky . securityweek.com . April 26, 2017 . 14 October 2017 . Arghire, Ionut.
  2. Web site: Hajime IoT Worm Considerably More Sophisticated than Mirai . . October 18, 2016 . 13 October 2017 . Cimpanu, Catalin.
  3. Web site: IoT malware clashes in a botnet territory battle . . April 17, 2017 . 13 October 2017 . Kan, Michael.
  4. Web site: Mysterious Hajime botnet has pwned 300,000 IoT devices . . 27 April 2017 . 14 October 2017 . Leyden, John.
  5. Web site: Hajime worm battles Mirai for control of the Internet of Things . . 18 April 2017 . 13 October 2017 . Grange, Waylon.
  6. Web site: Symantec is monitoring the Hajime IoT malware, is it the work of vigilante hacker? . securityaffairs.co . April 20, 2017 . 13 October 2017 . Paganini, Pierluigi.
  7. Web site: 300,000 obeying devices: Hajime is conquering the Internet of Things world . kaspersky.com . en . 26 May 2021.
  8. Web site: IoT Malware Hajime Fights Against Mirai, Tries to Secure Devices . . April 21, 2017 . 13 October 2017 . Vatu, Gabriela.
  9. Web site: Vigilante IoT Worm Hajime Infects 300,000 Devices . . April 27, 2017 . 13 October 2017 . Vatu, Gabriela.
  10. Web site: Mirai and Hajime Locked Into IoT Botnet Battle . threatpost . April 21, 2017 . 13 October 2017 . Spring, Tom.
  11. Web site: Vigilante Hacker Uses Hajime Malware to Wrestle with Mirai Botnets . . April 19, 2017 . 13 October 2017 . Cimpanu, Catalin.
  12. Web site: Hajime malware now has 300,000 strong botnet at disposal say researchers . scmagazineuk.com . April 28, 2017 . 13 October 2017 . Millman, Rene.
  13. Web site: Hajime: Analysis of a decentralized intern et worm for IoT devices . rapiditynetworks.com . 16 October 2016 . 14 October 2017 . Edwards, Sam . Profetis, Ioannis . 30 December 2016 . https://web.archive.org/web/20161230182045/https://security.rapiditynetworks.com/publications/2016-10-16/hajime.pdf . dead .
  14. Web site: White Hat Hacker Created Mysterious IoT Worm, Symantec Says . securityweek.com . April 20, 2017 . 14 October 2017 . Arghire, Ionut.
  15. Web site: Hajime 'Vigilante Botnet' Growing Rapidly; Hijacks 300,000 IoT Devices Worldwide . thehackernews.com . April 26, 2017 . 14 October 2017 . Khandelwal, Swati.
  16. Web site: Hajime Botnet – Friend or Foe? . radware.com . 26 April 2017 . 14 October 2017.
  17. Web site: To Protect Your Devices, A Hacker Wants to Hack You Before Someone Else Does . thehackernews.com . April 19, 2017 . 14 October 2017 . Khandelwal, Swati.
  18. Web site: The Hajime Botnet continues to grow and implements a new attack technique . securityaffairs.co . April 27, 2017 . 14 October 2017 . Paganini, Pierluigi.