Skip to main content

Hajime is a ‘white worm’ that infects and secures vulnerable IoT devices

russia hotel wi fi hack hacking hacker lifestyle pc keyboard
pwstudio/123RF
The Internet of Things (IoT) has been a source of some serious security concerns recently, with millions of IoT devices being vulnerable to attack and compromise. Mirai is perhaps the most famous of all IoT malware, and it was at the root of an attack in October 2016 that took down a significant portion of the Internet.

Now, there’s another piece of code that’s targeting IoT devices, and it’s growing. The strange thing, however, is that as far as anyone can tell, the so-called “Hajime” code isn’t doing anything bad, and in fact, it might be doing some good, as Symantec’s Security Response blog reports.

Researchers have known about Hajime since October 2016, and the software is like Mirai in that it targets IoT devices with open Telnet ports and secured with the factory default username and password credentials. Hajime, therefore, uses the same attack vector as the destructive malware that was responsible for the massive distributed denial of service (DDoS) attack last year.

What makes Hajime different is that it appears to contain no destructive code, and it’s actually even more stealthy and effective at hiding itself than Mirai. Hajime also utilizes a peer-to-peer network as opposed to relying on a single command and control (C&C) server. Oddly enough, the latter characteristic makes Hajime more robust and harder to shut down than Mirai, because there’s not a single server to locate and eradicate.

However, the only active thing Hajime does at this point is to display a message every 10 minutes or so, which is currently limited to saying, “Just a white hat, securing some systems. Important messages will be signed like this. Hajime Author. Contact CLOSED. Stay Sharp!” Researchers note that the message is cryptographically signed and requires a hardcoded key, and so it’s clear where the message comes from.

Perhaps more important, Hajime also takes steps to lock down the IoT devices it infects, blocking a few ports that have been identified as making devices vulnerable to attack. In essence, the Hajime code helps to secure IoT devices and given its fast growth rates is actively securing the internet at large.

Symantec
Symantec

Of course, there’s no guarantee that Hajime’s author actually has good intentions. The reality is that Hajime is making things safer today, but it remains a piece of code that’s architected in such a way as to make it a relatively trivial matter to switch over to nefarious purposes.

In addition, these “white hat hacking” attempts and “white worms,” as they’re called, are temporary — reboot the device and they go away. They’re not like firmware updates that would have a lasting effect. Therefore, devices could be infected with Mirai one day, then “fixed” with Hajime the next, and then further “fixed” with one of the other white hack efforts that have attempted to clean up the IoT security mess.

In the long run, what’s needed is for IoT users to lock down their devices with strong passwords, and to shut off Telnet login and use SSH where they can. Router security can be strengthened by turning off Universal Plug and Play (UPnP), and all devices should be kept up to date with the latest firmware updates. Until users and manufacturers do their part to lock down IoT, however, it will remain something of a wild, wild west where black and white hat hackers battle for control.

Editors' Recommendations

Mark Coppock
Mark has been a geek since MS-DOS gave way to Windows and the PalmPilot was a thing. He’s translated his love for…
This Lenovo 2-in-1 laptop is discounted from $970 to $640
The Lenovo IdeaPad Flex 5 against a white backdrop.

If you can’t decide between a laptop or a tablet, Lenovo has the laptop deals for you, with a huge discount on the Lenovo IdeaPad Flex 5 2-in-1 laptop. Ordinarily priced at $970, it’s down to $640 at Lenovo, so you’re saving $330. Lenovo's estimated value prices can be a little optimistic, but this is a good value regardless. Whatever the discount, we do know that $640 for this laptop is pretty sweet. Here’s what you need to know about it before you buy.

Why you should buy the Lenovo IdeaPad Flex 5
Lenovo makes some of the best 2-in-1 laptops knowing how to get the most from the concept. This particular model has an AMD Ryzen 7 7730U processor paired up with 16GB of memory and 1TB of SSD storage so it’s pretty capable of handling a lot of your working needs.

Read more
This new Google Sheets feature is going to save so much time
Google Sheets is open in the Safari browser on a MacBook Air.

After Google I/O 2024, Google continues to roll out features that bolster its productivity apps -- this time, specifically with Google Sheets. As picked up by The Verge, Google has announced a much simpler way to generate easily formatted tables in the Sheets app. This new Sheets feature has been around for many years in Excel and has recently reached Google. Better late than never.

The option is called Convert to table, and you can use it by opening a Sheets document and clicking Format > Convert to table when the option reaches you later this month or early next. With this new option, Google aims for a more Excel-type experience by adding filters for each column. The rows also get visual separators, saving you time by not having to select the rows manually to turn them gray. The Convert to table feature also brings filters and column types and makes the drop-down menu creation easier.

Read more
One of Lenovo’s most popular laptops is 40% off right now
The ThinkPad X1 Carbon Gen 10 laptop, opened with a colorful wallpaper on the screen.

Lenovo often has some of the best laptop deals around, and that’s no different today. Currently you can buy the ThinkPad X1 Carbon Gen 11 laptop for $2,135, and it’s packed with great hardware. According to Lenovo, it usually costs $3,559 so you’re saving 40% here. Lenovo’s estimated value system can be a little optimistic so the actual original price may be different, but what we do know is that the new low price is fantastic for these specs. Here’s what to expect from the ThinkPad X1 Carbon Gen 11.

Why you should buy the Lenovo ThinkPad X1 Carbon Gen 11
The Lenovo ThinkPad X1 Carbon Gen 11 is well-designed for business use. It has a 13th-generation Intel Core i7-1365U processor with a huge 32GB of memory so it’s perfect for extensive multitasking. There’s also 1TB of SSD storage which is great for storing your many files without needing to rely on cloud storage.

Read more