Hajime (malware)

Hajime^[1]
Written in	C
Operating system	Linux
Type	Botnet

Short description: Computer malware

Hajime (Japanese for "beginning") is a malware which appears to be similar to the Wifatch malware in that it appears to attempt to secure devices.^[5] Hajime is also far more advanced than Mirai, according to various researchers.^[6]

The top countries infected by the malware were Iran, Brazil, Vietnam, Russia and Turkey, followed by India, Pakistan, Italy and Taiwan.^[7]

Malware

Hajime is a worm according to sources which have placed research on the subject.^[8] It appears to have been discovered as early as October 2016.^[9]

Later in April 2017, Hajime generated large media coverage as it appeared to be in competition with Mirai.^[10] This led to a number of reports which compared and noted that it appeared to have a similar purpose to Linux.Wifatch.^[11] It also did not contain any modules or tools for denial of service attacks, but instead only contained methods for extending its reach.^[12]

Hand written assembly code specifically for several platforms was also discovered by researchers as well.^[13]

Hajime is similar to Mirai in its method of how it manages to compromise systems.^[14] One of the key differences with Mirai is that it uses a peer-to-peer network for communications.^[15]

What was also noted was the message the malware left on systems it compromised.^[16] The message left on systems compromised by Hajime displayed on terminals is shown below.^[17]

Just a white hat, securing some systems.

Important messages will be signed like this!

Hajime Author.

Contact CLOSED Stay sharp!

^[18]

References

↑ Arghire, Ionut (April 26, 2017). "Mysterious Hajime Botnet Grows to 300,000 IoT Devices: Kaspersky". securityweek.com. http://www.securityweek.com/mysterious-hajime-botnet-grows-300000-iot-devices-kaspersky. Retrieved 14 October 2017.
↑ Cimpanu, Catalin (October 18, 2016). "Hajime IoT Worm Considerably More Sophisticated than Mirai". Softpedia. http://news.softpedia.com/news/hajime-iot-worm-considerably-more-sophisticated-than-mirai-509423.shtml. Retrieved 13 October 2017.
↑ Kan, Michael (April 17, 2017). "IoT malware clashes in a botnet territory battle". PC World. https://www.pcworld.com/article/3190182/security/iot-malware-clashes-in-a-botnet-territory-battle.html. Retrieved 13 October 2017.
↑ Leyden, John (27 April 2017). "Mysterious Hajime botnet has pwned 300,000 IoT devices". The Register. https://www.theregister.co.uk/2017/04/27/hajime_iot_botnet/. Retrieved 14 October 2017.
↑ Grange, Waylon (18 April 2017). "Hajime worm battles Mirai for control of the Internet of Things". Symantec. https://www.symantec.com/connect/blogs/hajime-worm-battles-mirai-control-internet-things. Retrieved 13 October 2017.
↑ Paganini, Pierluigi (April 20, 2017). "Symantec is monitoring the Hajime IoT malware, is it the work of vigilante hacker?". securityaffairs.co. http://securityaffairs.co/wordpress/58151/malware/hajime-iot-malware.html. Retrieved 13 October 2017.
↑ "300,000 obeying devices: Hajime is conquering the Internet of Things world" (in en). 26 May 2021. https://www.kaspersky.com/about/press-releases/2017_300000-obeying-devices-hajime-is-conquering-the-internet-of-things-world.
↑ Vatu, Gabriela (April 21, 2017). "IoT Malware Hajime Fights Against Mirai, Tries to Secure Devices". Softpedia. http://news.softpedia.com/news/iot-malware-hajime-fights-against-mirai-tries-to-secure-devices-515037.shtml. Retrieved 13 October 2017.
↑ Vatu, Gabriela (April 27, 2017). "Vigilante IoT Worm Hajime Infects 300,000 Devices". Softpedia. http://news.softpedia.com/news/vigilante-iot-worm-hajime-infects-300-000-devices-515233.shtml. Retrieved 13 October 2017.
↑ Spring, Tom (April 21, 2017). "Mirai and Hajime Locked Into IoT Botnet Battle". threatpost. https://threatpost.com/mirai-and-hajime-locked-into-iot-botnet-battle/125112/. Retrieved 13 October 2017.
↑ Cimpanu, Catalin (April 19, 2017). "Vigilante Hacker Uses Hajime Malware to Wrestle with Mirai Botnets". Bleeping Computer. https://www.bleepingcomputer.com/news/security/vigilante-hacker-uses-hajime-malware-to-wrestle-with-mirai-botnets/. Retrieved 13 October 2017.
↑ Millman, Rene (April 28, 2017). "Hajime malware now has 300,000 strong botnet at disposal say researchers". scmagazineuk.com. https://www.scmagazineuk.com/hajime-malware-now-has-300000-strong-botnet-at-disposal-say-researchers/article/653516/. Retrieved 13 October 2017.
↑ Edwards, Sam; Profetis, Ioannis (16 October 2016). "Hajime: Analysis of a decentralized intern et worm for IoT devices". rapiditynetworks.com. https://security.rapiditynetworks.com/publications/2016-10-16/hajime.pdf. Retrieved 14 October 2017.
↑ Arghire, Ionut (April 20, 2017). "White Hat Hacker Created Mysterious IoT Worm, Symantec Says". securityweek.com. http://www.securityweek.com/white-hat-hacker-created-mysterious-iot-worm-symantec-says. Retrieved 14 October 2017.
↑ Khandelwal, Swati (April 26, 2017). "Hajime 'Vigilante Botnet' Growing Rapidly; Hijacks 300,000 IoT Devices Worldwide". thehackernews.com. https://thehackernews.com/2017/04/vigilante-hacker-iot-botnet_26.html. Retrieved 14 October 2017.
↑ "Hajime Botnet – Friend or Foe?". radware.com. 26 April 2017. https://security.radware.com/ddos-threats-attacks/hajime-iot-botnet/. Retrieved 14 October 2017.
↑ Khandelwal, Swati (April 19, 2017). "To Protect Your Devices, A Hacker Wants to Hack You Before Someone Else Does". thehackernews.com. https://thehackernews.com/2017/04/vigilante-hacker-iot-botnet.html. Retrieved 14 October 2017.
↑ Paganini, Pierluigi (April 27, 2017). "The Hajime Botnet continues to grow and implements a new attack technique". securityaffairs.co. http://securityaffairs.co/wordpress/58415/malware/hajime-botnet.html. Retrieved 14 October 2017.

0.00

(0 votes)

Original source: https://en.wikipedia.org/wiki/Hajime (malware). Read more

[1] Arghire, Ionut (April 26, 2017). "Mysterious Hajime Botnet Grows to 300,000 IoT Devices: Kaspersky". securityweek.com. http://www.securityweek.com/mysterious-hajime-botnet-grows-300000-iot-devices-kaspersky. Retrieved 14 October 2017.

[2] Cimpanu, Catalin (October 18, 2016). "Hajime IoT Worm Considerably More Sophisticated than Mirai". Softpedia. http://news.softpedia.com/news/hajime-iot-worm-considerably-more-sophisticated-than-mirai-509423.shtml. Retrieved 13 October 2017.

[3] Kan, Michael (April 17, 2017). "IoT malware clashes in a botnet territory battle". PC World. https://www.pcworld.com/article/3190182/security/iot-malware-clashes-in-a-botnet-territory-battle.html. Retrieved 13 October 2017.

[4] Leyden, John (27 April 2017). "Mysterious Hajime botnet has pwned 300,000 IoT devices". The Register. https://www.theregister.co.uk/2017/04/27/hajime_iot_botnet/. Retrieved 14 October 2017.

[5] Grange, Waylon (18 April 2017). "Hajime worm battles Mirai for control of the Internet of Things". Symantec. https://www.symantec.com/connect/blogs/hajime-worm-battles-mirai-control-internet-things. Retrieved 13 October 2017.

[6] Paganini, Pierluigi (April 20, 2017). "Symantec is monitoring the Hajime IoT malware, is it the work of vigilante hacker?". securityaffairs.co. http://securityaffairs.co/wordpress/58151/malware/hajime-iot-malware.html. Retrieved 13 October 2017.

[7] "300,000 obeying devices: Hajime is conquering the Internet of Things world" (in en). 26 May 2021. https://www.kaspersky.com/about/press-releases/2017_300000-obeying-devices-hajime-is-conquering-the-internet-of-things-world.

[8] Vatu, Gabriela (April 21, 2017). "IoT Malware Hajime Fights Against Mirai, Tries to Secure Devices". Softpedia. http://news.softpedia.com/news/iot-malware-hajime-fights-against-mirai-tries-to-secure-devices-515037.shtml. Retrieved 13 October 2017.

[9] Vatu, Gabriela (April 27, 2017). "Vigilante IoT Worm Hajime Infects 300,000 Devices". Softpedia. http://news.softpedia.com/news/vigilante-iot-worm-hajime-infects-300-000-devices-515233.shtml. Retrieved 13 October 2017.

[10] Spring, Tom (April 21, 2017). "Mirai and Hajime Locked Into IoT Botnet Battle". threatpost. https://threatpost.com/mirai-and-hajime-locked-into-iot-botnet-battle/125112/. Retrieved 13 October 2017.

[11] Cimpanu, Catalin (April 19, 2017). "Vigilante Hacker Uses Hajime Malware to Wrestle with Mirai Botnets". Bleeping Computer. https://www.bleepingcomputer.com/news/security/vigilante-hacker-uses-hajime-malware-to-wrestle-with-mirai-botnets/. Retrieved 13 October 2017.

[12] Millman, Rene (April 28, 2017). "Hajime malware now has 300,000 strong botnet at disposal say researchers". scmagazineuk.com. https://www.scmagazineuk.com/hajime-malware-now-has-300000-strong-botnet-at-disposal-say-researchers/article/653516/. Retrieved 13 October 2017.

[13] Edwards, Sam; Profetis, Ioannis (16 October 2016). "Hajime: Analysis of a decentralized intern et worm for IoT devices". rapiditynetworks.com. https://security.rapiditynetworks.com/publications/2016-10-16/hajime.pdf. Retrieved 14 October 2017.

[14] Arghire, Ionut (April 20, 2017). "White Hat Hacker Created Mysterious IoT Worm, Symantec Says". securityweek.com. http://www.securityweek.com/white-hat-hacker-created-mysterious-iot-worm-symantec-says. Retrieved 14 October 2017.

[15] Khandelwal, Swati (April 26, 2017). "Hajime 'Vigilante Botnet' Growing Rapidly; Hijacks 300,000 IoT Devices Worldwide". thehackernews.com. https://thehackernews.com/2017/04/vigilante-hacker-iot-botnet_26.html. Retrieved 14 October 2017.

[16] "Hajime Botnet – Friend or Foe?". radware.com. 26 April 2017. https://security.radware.com/ddos-threats-attacks/hajime-iot-botnet/. Retrieved 14 October 2017.

[17] Khandelwal, Swati (April 19, 2017). "To Protect Your Devices, A Hacker Wants to Hack You Before Someone Else Does". thehackernews.com. https://thehackernews.com/2017/04/vigilante-hacker-iot-botnet.html. Retrieved 14 October 2017.

[18] Paganini, Pierluigi (April 27, 2017). "The Hajime Botnet continues to grow and implements a new attack technique". securityaffairs.co. http://securityaffairs.co/wordpress/58415/malware/hajime-botnet.html. Retrieved 14 October 2017.

[1]

[2]

[3]

[4]

[5]

[6]

[7]

[8]

[9]

[10]

[11]

[12]

[13]

[14]

[15]

[16]

[17]

[18]

Hajime (malware)

Topic: Software

Malware

See also

References