Like many internet worms, the Hajime malware has a lifecycle. A Hajime infection begins when  a node already in the Hajime network–scanning random IPv4 addresses on the public internet–discovers a device which accepts connections on TCP port 23, the designated port for the Telnet service. The attacking Hajime node attempts several username and password combinations from its hardcoded list of credentials and, upon being granted entry, examines the target system and begins its infection in stages. The first stage is a small, short-lived file-transfer program which connects back to the attacking node and copies down a much larger download program. The download program–the second stage–joins a peer-to-peer decentralized network and retrieves its configuration and a scanning program. The scanning program searches the public internet for more vulnerable systems to infect, thus continuing the lifecycle.

[emaillocker id=5644][/emaillocker]

Srikanth is the Cheif editor for Techiexpert, Brings in 10+ years of experience on Emerging Technologies like IOT, Big Data, Artificial Intelligence .. He currently handles the day to day operations, involves in strategic decisions as a media partners for the technology event across globe , Srikanth can be reached at srikanth@techiexpert.com

LEAVE A REPLY

Please enter your comment!
Please enter your name here

This site uses Akismet to reduce spam. Learn how your comment data is processed.