Impact on IOT with Hajime Malware

Get real time updates directly on you device, subscribe now.


Like many internet worms, the Hajime malware has a lifecycle. A Hajime infection begins when  a node already in the Hajime network–scanning random IPv4 addresses on the public internet–discovers a device which accepts connections on TCP port 23, the designated port for the Telnet service. The attacking Hajime node attempts several username and password combinations from its hardcoded list of credentials and, upon being granted entry, examines the target system and begins its infection in stages. The first stage is a small, short-lived file-transfer program which connects back to the attacking node and copies down a much larger download program. The download program–the second stage–joins a peer-to-peer decentralized network and retrieves its configuration and a scanning program. The scanning program searches the public internet for more vulnerable systems to infect, thus continuing the lifecycle.

[emaillocker id=5644][/emaillocker]

You might also like

Leave a Reply

Notify of

This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Accept Read More