We rarely hear about malware strains interfering with one another. But the security company Symantec has just released a post announcing that it has detected new malware called Hajime.
Hajime has so far infected more than 10,000 Internet gadgets such as network cameras and vulnerable routers. But contrary to what is routine for a botnet, it has not carried out any attacks. The author of the malware posted a message in his malware saying,
“The author of this malware is a white hat hacker who only wants to make the systems safer.”
Mirai is malware that has infected hundreds of thousands of gadgets to date, gadgets that were eventually used to implement denial of service attacks.
The power of Mirai malware to penetrate IoT gadgets is so serious that the question now is how to prevent Mirai malware from spreading.
“As long as IoT gadgets continue to be infected and no patches are provided, Mirai malware will continue to sacrifice devices,” security experts said in response to the question.
After infecting an IoT device, Hajime closes some specific ports on it, making it impossible for other malware to access the device.
The figure below shows the ten countries with the highest Hajime infection rates.
Symantec says the malware has created a botnet network, but the network has not shown any malicious activity so far, and the protocols it has used so far have not had any adverse effect on device performance.
“Preliminary analysis shows that Hajime was launched to stop the Mirai botnet from spreading,” said Symantec security researcher Waylon Grange.
What’s noteworthy about Hajime is that, after infecting IoT devices, it patches vulnerabilities reported earlier by experts.
Fortunately, the current form of Hajime has not shown any malicious behavior.
But there is always concern that the author of the malware will someday decide to change his approach and launch a denial of service attack after he completely removes the Mirai malware.
Hajime has a special feature that makes it difficult to control. The malware does not receive commands from a command and control server, but rather uses a peer-to-peer network to communicate. This means the infected devices themselves are used as the senders of malicious commands and files.