Protect Your Device From Hackers
First thing to keep in mind that hacking a system for unauthorised access that does not belong to you is an illegal practice, whatever intention it may be. This is not the first time when any hacker has been watchful, we have seen many more cases in which hackers have used malware to compromise thousands of devices, but instead of hacking them, they forced owners to make them secure. A new malware family known as Hajime is worming its way through DVRs, CCTV systems, and other poorly-protected Internet of Things (IoT) devices. Dubbed Hajime, has already infected at least 10,000 home routers, Internet-connected cameras, and other smart devices. So Protect Your Device From Hackers.
It doesn’t rely on a command and control server (C&C) but instead leverages a peer-to-peer network to send command modules to all its infected devices, which makes the malware more resistant to takedowns. These techniques have helped Hajime grow over time.
Researcher Waylon Grange elaborates in his blog that:
“Over the past few months, Hajime has been spreading quickly. Symantec has tracked infections worldwide, with large concentrations in Brazil and Iran. It is hard to estimate the size of the peer-to-peer network, but modest estimates put it in the tens of thousands.”
At this time, the purpose of Hajime remains is not known to anyone.
Hajime botnet works like Mirai — “it spreads via unsecured IoT devices that have open Telnet ports and uses default passwords — and also uses the same list of username and password combinations that Mirai botnet is programmed to use, with the addition of two more”.
However, what’s interesting about Hajime botnet is that, unlike Mirai, it secures the target devices by blocking access to four ports (23, 7547, 5555, and 5358) known to be vectors used to attack many IoT devices, making Mirai or other threats out of their bay.
Unlike Mirai, Hajime uses a decentralized peer-to-peer network (instead of command and control server) to issue commands and updates to infected devices, which makes it more difficult for ISPs and Internet backbone providers to take down the botnet.
Hajime botnet also takes steps to hide its running processes and files on the file system, making the detection of infected systems more difficult.
The malware currently doesn’t pass off distributed denial of service (DDoS) capabilities to its bots. Instead it displays a message that says :
“Just a white hat, securing some systems.
Important messages will be signed like this!
The Symantec researchers explained that: “One day a device may belong to the Mirai botnet, after the next reboot it could belong to Hajime, then the next any of the many other IoT malware/worms that are out there scanning for devices with hard coded passwords. This cycle will continue with each reboot until the device is updated with a newer, more secure firmware”.
Whether it is good or bad, a malware infection on an IoT device is unwanted. Users should do everything to secure a product they purchase. This begins with researching each device carefully before they purchase it. Be careful before buying!!!!!!!
Most Popular Training Courses at Indian Cyber Security Solutions