Hajime (malware)

Hajime (Japanese for "beginning") is a malware which appears to be similar to the Wifatch malware in that it appears to attempt to secure devices.
Hajime is also far more advanced than Mirai, according to various researchers.

The top countries infected by the malware were Iran, Brazil, Vietnam, Russia and Turkey, followed by India, Pakistan, Italy and Taiwan.

Malware

Hajime is a worm according to sources which have placed research on the subject.
It appears to have been discovered as early as October 2016.

Later in April 2017, Hajime generated large media coverage as it appeared to be in competition with Mirai.
This led to a number of reports which compared and noted that it appeared to have a similar purpose to Linux.Wifatch.
It also did not contain any modules or tools for denial of service attacks, but instead only contained methods for extending its reach.

Hand written assembly code specifically for several platforms was also discovered by researchers as well.

Hajime is similar to Mirai in its method of how it manages to compromise systems.
One of the key differences with Mirai is that it uses a peer-to-peer network for communications.

What was also noted was the message the malware left on systems it compromised.
The message left on systems compromised by Hajime displayed on terminals is shown below.

See also

* BASHLITE – another notable IoT malware
* Denial-of-service attack
* Linux malware
* Linux.Darlloz – another notable IoT malware
* Remaiten - another IoT DDoS bot

References

{{Hacking in the 2010s

Botnets
IoT malware
Linux malware
Cybercrime in India