Hajime is a ‘white worm’ that infects and secures vulnerable IoT devices

russia hotel wi fi hack hacking hacker lifestyle pc keyboard
pwstudio/123RF
The Internet of Things (IoT) has been a source of some serious security concerns recently, with millions of IoT devices being vulnerable to attack and compromise. Mirai is perhaps the most famous of all IoT malware, and it was at the root of an attack in October 2016 that took down a significant portion of the Internet.

Now, there’s another piece of code that’s targeting IoT devices, and it’s growing. The strange thing, however, is that as far as anyone can tell, the so-called “Hajime” code isn’t doing anything bad, and in fact, it might be doing some good, as Symantec’s Security Response blog reports.

Researchers have known about Hajime since October 2016, and the software is like Mirai in that it targets IoT devices with open Telnet ports and secured with the factory default username and password credentials. Hajime, therefore, uses the same attack vector as the destructive malware that was responsible for the massive distributed denial of service (DDoS) attack last year.

What makes Hajime different is that it appears to contain no destructive code, and it’s actually even more stealthy and effective at hiding itself than Mirai. Hajime also utilizes a peer-to-peer network as opposed to relying on a single command and control (C&C) server. Oddly enough, the latter characteristic makes Hajime more robust and harder to shut down than Mirai, because there’s not a single server to locate and eradicate.

However, the only active thing Hajime does at this point is to display a message every 10 minutes or so, which is currently limited to saying, “Just a white hat, securing some systems. Important messages will be signed like this. Hajime Author. Contact CLOSED. Stay Sharp!” Researchers note that the message is cryptographically signed and requires a hardcoded key, and so it’s clear where the message comes from.

Perhaps more important, Hajime also takes steps to lock down the IoT devices it infects, blocking a few ports that have been identified as making devices vulnerable to attack. In essence, the Hajime code helps to secure IoT devices and given its fast growth rates is actively securing the internet at large.

hajime code infects iot devices and secures them 2
Symantec
Symantec

Of course, there’s no guarantee that Hajime’s author actually has good intentions. The reality is that Hajime is making things safer today, but it remains a piece of code that’s architected in such a way as to make it a relatively trivial matter to switch over to nefarious purposes.

In addition, these “white hat hacking” attempts and “white worms,” as they’re called, are temporary — reboot the device and they go away. They’re not like firmware updates that would have a lasting effect. Therefore, devices could be infected with Mirai one day, then “fixed” with Hajime the next, and then further “fixed” with one of the other white hack efforts that have attempted to clean up the IoT security mess.

In the long run, what’s needed is for IoT users to lock down their devices with strong passwords, and to shut off Telnet login and use SSH where they can. Router security can be strengthened by turning off Universal Plug and Play (UPnP), and all devices should be kept up to date with the latest firmware updates. Until users and manufacturers do their part to lock down IoT, however, it will remain something of a wild, wild west where black and white hat hackers battle for control.

Emerging Tech

Awesome Tech You Can’t Buy Yet: Grow veggies indoors and shower more efficiently

Check out our roundup of the best new crowdfunding projects and product announcements that hit the web this week. You may not be able to buy this stuff yet, but it sure is fun to gawk!
Smart Home

After camera hacks, Nest locks customers out until they change their password

Nest is locking people out of their accounts if it believes there may have been a breach. Users will have to set up a new, secure password before they are able to regain access to their account.
Emerging Tech

The Great White Shark’s genome has been decoded, and it could help us end cancer

In a significant step for marine and genetic science, researchers have decoded the genome of the great white shark. The genetic code revealed a wealth of insight into what makes these creatures so successful from an evolutionary standpoint.
Smart Home

Consumer groups call out retailers in a bid for better IoT security

Consumer groups posted a "Dear retailer" letter on February 12 that called out Walmart, Best Buy, Amazon, and Target, shaming the companies for selling insecure smart home devices.
Computing

Enjoy Windows on a Chromebook with these great tips and tricks

If you want to push the functionality of your new Chromebook to another level, and Linux isn't really your deal, you can try installing Windows on a Chromebook. Here's how to do so in case you're looking to nab some Windows-only software.
Web

Are you one of the billions who have watched these super-popular YouTube videos?

Viral videos can quickly garner millions upon millions of views, but even they fall well behind the view counts on the most watched YouTube videos ever. Those have been watched billions of times.
Business

Marriott asking guests for data to see if they were victims of the Starwood hack

Marriott has created an online form to help you find out if your data was stolen in the massive Starwood hack that came to light toward the end of 2018. But take note, it requires you to submit a bunch of personal details.
Computing

Windows updates shouldn't cause problems, but if they do, here's how to fix them

Windows update not working? It's a more common problem than you might think. Fortunately, there are a few steps you can take to troubleshoot it and in this guide we'll break them down for you step by step.
Computing

Speed up your system by tweaking the startup application in Windows and MacOS

Bothered by programs that automatically start when you boot your computer, or want to add a new one to the list? Here's how to change your startup programs in Windows 7, 8, and 10, along with Apple's MacOS.
Computing

Apple may go big with a redesigned 16-inch MacBook Pro, 31.6-inch 6K display

In a research note, well-respected Apple analyst Ming-Chi Kuo writes that there are indications the company could be releasing a 16-inch MacBook Pro, as well as a 31.6-inch 6K display in 2019.
Computing

Accidental Amazon listings provides peek at cost of GTX 1660 Ti PCs

An accidental listing on Amazon provided a peek at the final cost of some of the new Windows 10 desktops with the GeForce GTX 1660 Ti on board, with prices possibly in the $1,200 range.
Deals

The best Presidents’ Day sales 2019: Amazon, Walmart, Dell, and more

Presidents' Day sales are a great chance to score electronics, clothing, home and office stuff, and other goodies at a discount. We’ve smoked out a large handful of the best of these Presidents' Day deals, from tech to bedding, to help…
Computing

Nvidia promises DLSS at low resolutions will be ‘top priority’ in future updates

Nvidia's deep learning super sampling needs work. Gamers know it and now we know Nvidia knows it too. The company made it clear on the technology's FAQ page that it plans to make fixing DLSS a top priority.
Computing

All signs point to a new Apple external display in 2019. Will it be 6K or 8K?

Will there be an Apple Display 2019? It looks like Apple is getting ready to announce a new monitor, after canceling its old Thunderbolt Display back in 2016. But what will this new display look like? Here's what we know.