A new botnet is lurking as Hajime has 300 000 devices waiting orders

If you thought the IoT botnet Mirai was bad, Westcon-Comstor warns of Hajime, which currently has 300 000 obeying devices which is currently conquering the Internet of Things world.
Hajime is, according to Westcon-Comstor vendor partner Kaspersky “a mysterious evolving Internet of Things (IoT) malware that builds a huge peer-to-peer botnet”. Notably the botnet has of late been propagating extensively and infecting multiple devices worldwide, reports reveal that there are almost 300,000 malware-compromised devices.
“If the Mirai attack is still fresh in your minds, the fact that there are 300,000 malware-compromised devices, all ready to work as one to act under the instructions of their master without our knowledge, is a terrifying thought,” states Andrew Potgieter, Director Security Solutions at Westcon-Comstor Southern Africa. “While Hajime’s purpose is still unknown, it surely can’t be for the good of the world if it has been slowly growing in scale since it was first detected in October 2016.”
Not dissimilar to Mirai, Hajime is once again building a huge peer-to-peer botnet – a decentralised group of compromised machines discreetly performing spam or DDoS attacks. While Kaspersky Labs cites that there is no actual attacking code or capability they can see in Hajime and it is still only has a propagation module, the family of tools are different. Particularly in that they make use of different techniques – mainly brute-force attacks on device passwords – to infect devices, and then takes a number of steps to conceal itself from the compromised victim.
“The devices currently targeted by Hajime to date are reportedly Digital Video Recorders, followed by web-cameras and routers. But that said this particular threat doesn’t attack a specific device and will snoop out any device connected to the Internet. The name Hajime, means ‘beginning’ in Japanese, it is important we are forewarned so that this is not the beginning of another large scale cyber-attack that takes the world’s Internet down for a day,” adds Potgieter.
According to Kaspersky Lab researchers the infections they have noted to date have primarily come from Vietnam (over 20%), Taiwan (almost 13%) and Brazil (around 9%) at the time of their research and most of the compromised devices are located in Iran, Vietnam and Brazil.
“In order to get ahead of Hajime the basic principles apply and we urge all customers to change the passwords on all IoT and Internet-enabled devices. More importantly as Hajime uses brute force, passwords need to be clever and difficult to crack. Additionally, users must update their firmware on devices, if this is an option. Such simple tactics can stop an attack in its tracks.
“While we sit in wait to see what the purpose of Hajime is, it is better to be forewarned and forearmed,” ends Potgieter.

Comment on This Article

Your email address will not be published. Required fields are marked *

About Us

Westcon SA is a value-added distributor of category-leading unified communications, network infrastructure, data center and security solutions with a global network of specialty resellers. Our teams create unique programs and provide exceptional financial and technical support to accelerate the business of our partners

  • As a strong strategic partner, we offer superior account management backed by a dedicated team of responsive and reliable experts who are totally focused on your business
  • We offer the financial strength and breadth of global capabilities to manage your changing needs
  • We have a proven route to market for products and services from the vendor through to the end-user customer.

We accelerate our partner’s business by enabling and supporting them through a series of unique programs and capabilities.

  • Vendor Engagement
  • Accelerated Training
  • Business Consulting
  • Proof of Concept
  • Marketing Resources

 

Westcon Works

Westcon SA is the smartest choice to revolutionize your business! It doesn’t matter if you focus on enterprise or small to medium business opportunities, or if we are in an economic down-turn or in a bull market, a business partnership with Westcon SA will take your business to a whole new level.

At the core of our Westcon Works partnering model resides your sales cycles, and the associated challenges. It provides a common language, allowing us to address strategies for helping resellers be more effective and focus on what they do best, while together we define how Westcon SA can fill in the rest.

read more

Contact Us

Telephone: +27 11 848 9000

Email: info@westcon.co.za

Web: www.westcon.co.za

Address: Westcon Building, 1 Tugela Lane, Waterfall Logistics Precinct, Corner of Bridal Veil Road and K101, Jukskei View, Midrand

read more

People of Westcon

Guy Whitcroft, CEO

Uwe Brandkamp, Sales Director

Uwe Brandkamp, Sales Director

Robyn Newel, HR

Robyn Newel, HR Director

Bridget Nkuna, Marketing Director

Elmien du Toit, Special Projects – Compliance

Elmien du Toit, COO

Andries Coetzee, CFO

Andries Coetzee, CFO

Tiens Lange, Communications

Tiens de Lange, Unified Communications and Collaboration

Heinz Stephan, Consumer Solutions

Heinz Stephan, Services

Kevin Norton, Mobility

Kevin Norton, Mobility

Andrew Potgieter, Security – Data

Andrew Potgieter, Security

Leane Hannigan, Cloud

Louise Taute, Comstor

Jaco Malan, Academy

read more