The IoT-based Mirai Botnet took down a large part of the internet, yet Hajime is growing larger.
The Mirai malware took control of poorly secured IoT devices, creating a large botnet that was used in a DDoS attack against DNS provider Dyn, which in turn took down a large portion of the internet last year. Meet Mirai’s big brother, Hajime.
Hajime is yet another malware which is taking over poorly secured IoT devices. However, this malware works in a very different way than Mirai, which also makes it harder to stop.
The Mirai malware takes orders from command and control servers. While this is a typical method used by malware, it also provides a method to combat the botnet. Internet service providers have been cutting off access to these C&C servers when they are found. Hajime doesn’t suffer this weakness.
Instead of using C&C servers, Hajime communicates via a peer-to-peer network utilizing tools used in BitTorrent. This makes blocking communications that much harder, if not impossible. And with this strength, this malware has continued to grow as Mirai has been stunted.
Oddly enough, the use of this botnet has yet to be witnessed. There is no indication as to who’s behind it, or why it even exists. There have been no known DDoS attacks using the malware, and researchers aren’t really sure what the purpose is. Some theories are that it might be a research project, or perhaps it could have been created to take over and block the Mirai malware. Far more likely, and more frightening, the malware was created for a specific purpose and is just awaiting its time to strike. It’s already bigger than Mirai, and is growing daily. When and if it strikes, it could result in some very bad things.
There is only one real way to combat these botnets, and that is to properly secure these IoT devices. Unfortunately, that does not seem to be a priority as many of these companies use minimal security standards and generic passwords.
As BlackBerry’s EoT platform is prepared to secure the IoT, these large-scale malware attacks may be just the proof IoT device makers need to understand that they need to make their devices BlackBerry Secure.