[jpshare] Hajime Worm First Discovered on October 2016 and it used to spreads via unsecured devices with self-replication module that have open Telnet ports and use default passwords.
Hajime Worm Battle with Mirai Botnet indicate that ,Hajime was specifically created to protect against Mirai .
According to Symantec ,Unlike Mirai, which uses hardcoded addresses for its command and control (C&C) server, Hajime is built on a peer-to-peer network.
“There isn’t a single C&C server address, instead the controller pushes command modules to the peer network and the message propagates to all the peers over time”
After contacts C&C server address , it returns a cryptographically-signed message every ten minutes. The message, which is displayed on the device’s terminal .
Just a white hat, securing some systems.
Important messages will be signed like this!
Hajime Author.
Contact CLOSED
Stay sharp!The malware’s Author didn’t include a DDoS highlight, didn’t utilize his botnet to malicious traffic activity, or some other nosy operation.
Hajime Replicating Quickly:
According to the Symantec Tracking Report, past Few month it spreading very fast and Target the DVRs, CCTV systems, and other poorly-protected Internet of Things (IoT) devices.
Image Credits: Symantec
Symantec Researcher ,Waylon Grange said, ,once Hajime infects a device it blocks access to ports 23, 7547, 5555, and 5358, which are all ports that have been exploited in the past by IoT malware.
Doesn’t have (DDoS) capabilities :
Reason Behind of the worm, it does not have any distributed denial of service capabilities .
For the past six months, Hajime has been using its self-replication module to fight with Mirai and other IoT botnet for control over IoT devices.
Hajime is an enemy of Mirai Botnet:
Hajime was specifically created to protect against Mirai ,All pieces of information indicate the conclusion that Hajime was made to specifically attack Mirai, and reduce the number of devices Mirai can infect.
Also Read:
