A vigilante is putting a huge amount of work into infecting IoT devices

A vigilante is putting a huge amount of work into infecting IoT devices

By | April 28th, 2017
No Comments

When it comes to features and robustness, Hajime surpasses its blackhat

rivals.


														
							

Last week, Ars introduced readers to Hajime, the vigilante botnet that infects IoT devices before blackhats can hijack them. A technical analysis published Wednesday reveals for the first time just how much technical acumen went into designing and building the renegade network, which just may be the Internet’s most advanced IoT botnet.

As previously reported, Hajime uses the same list of user name and password combinations used by Mirai, the IoT botnet that spawned several record-setting denial-of-service attacks last year.

Once Hajime infects an Internet-connected camera, DVR, and other Internet-of-things device, the malware blocks access to four ports known to be the most widely used vectors for infecting IoT devices. It also displays a cryptographically signed message on infected device terminals that describes its creator as “just a white hat, securing some systems.”

Hajime is a full-featured package that gives the botnet reliability, stealth, and reliance that’s largely unparalleled in the IoT landscape. Wednesday’s technical analysis, which was written by Pascal Geenens, a researcher at security firm Radware, makes clear that the unknown person or people behind Hajime invested plenty of time and talent.

Read more

Google
Nisheeth Bhakuni

\devworx in print
  • IBM Open Platform with Apache Hadoop Get access to all data, in Hive, HBase or HDFS; within a single query (Big SQL). Let Bluemix™ enable you to play with IBM’s Analytics for Hadoop. Try it now.
    Click to know more
  • \devworx contests
      • No contests are currently running.