Home Hajime malware is turning 300,000 IoT devices into zombies

Hajime malware is turning 300,000 IoT devices into zombies

Like something out of the Walking Dead, a plague is ripping through the Internet and turning IoT devices into zombies. The horde amassed by the Hajime malware has grown to over 300,000 Internet of Things devices.

While your smart fridge won’t come to life and try to eat your brains, the term “zombie” in this case refers to a device that has been compromised into becoming part of a botnet.

The coming of the IoT botnets

Botnets are swarms of connected devices that each function exactly as they’re supposed to, but are also set to execute commands given by the botnet’s controller. Because of the nature of IoT devices, it is exceedingly difficult if not impossible for the average user to determine if a device is compromised.

Typically, these commands come in the form of distributed denial of service (DDoS) attacks carried out on a specific target. In these types of attacks, the devices flood the target server with requests over the Internet. This overwhelms the server and can result in temporary disruptions of service.

See also: BrickerBot malware will brick unsecure IoT devices

You typically hear about DDoS attacks after a major website that is almost always up and available goes down momentarily. One of the largest attacks in recent memory happened in October of 2016 which resulted in dozens of the Internets most popular websites and services being temporarily unavailable.

That particular attack was carried out using IoT devices compromised by the Mirai malware. The Internet of Things is a particularly appealing target for malicious software makers due to loosened security measures and infrequent software updates that make these devices less secure than traditional desktop and mobile PCs.

Botnets are also used for data gathering through keylogging and traffic sniffing. This includes being used by spammers to send mass amounts of email (spam) to targets. Botnet devices have even been linked to identity theft as they spam out phishing emails that trick unsuspecting users into giving up private information under the guise that the request is coming from a reputable source.

What is Hajime malware?

Hajime means “beginning” in Japanese. It is an IoT worm that builds a P2P botnet from IoT devices. It does this by exploiting several common security gaps that exist in IoT devices like smart thermostats and dishwashers.

Hajime uses force to make its way on devices by exploiting weak password security. A lot of IoT devices are left with their default passwords as users prefer convenience over security. One way to counter this type of attack is to change the device passwords into something complex and difficult to guess. Avoid dictionary words, add numbers and special characters, and don’t use the same password in multiple places.

It also exploits the Arris cable modem Password of the Day. This is a known exploit that has been around since 2009 and gives malware like Hajime a backdoor.

What we don’t know about Hajime right now is its purpose. There are no reports of any attacks carried out by the Hajime malware. However, this doesn’t mean things aren’t happening.

Reports indicate that most of the devices attacked by the Hajime are in the countries of Brazil, Iran, Vietnam, Taiwan, Turkey, India, Korea and China. Hajime also, interestingly enough, contains a propagation module, rather than an attack code.

On a more positive front, Hajime is reported to only be going after devices with weak security. By taking some basic security steps like changing the default password and bolstering your network security, you may well be able to avoid having your smart toaster become part of this new swarm of electronic zombies.

About ReadWrite’s Editorial Process

The ReadWrite Editorial policy involves closely monitoring the tech industry for major developments, new product launches, AI breakthroughs, video game releases and other newsworthy events. Editors assign relevant stories to staff writers or freelance contributors with expertise in each particular topic area. Before publication, articles go through a rigorous round of editing for accuracy, clarity, and to ensure adherence to ReadWrite's style guidelines.

Get the biggest tech headlines of the day delivered to your inbox

    By signing up, you agree to our Terms and Privacy Policy. Unsubscribe anytime.

    Tech News

    Explore the latest in tech with our Tech News. We cut through the noise for concise, relevant updates, keeping you informed about the rapidly evolving tech landscape with curated content that separates signal from noise.

    In-Depth Tech Stories

    Explore tech impact in In-Depth Stories. Narrative data journalism offers comprehensive analyses, revealing stories behind data. Understand industry trends for a deeper perspective on tech's intricate relationships with society.

    Expert Reviews

    Empower decisions with Expert Reviews, merging industry expertise and insightful analysis. Delve into tech intricacies, get the best deals, and stay ahead with our trustworthy guide to navigating the ever-changing tech market.