Hajime Creates Botnet of More than 300,000 IoT Devices

There’s no denying that the future of technology will include the Internet of Things (IoT), but one thing is becoming increasingly clear – devices that connect to the internet without robust security measures in place are easy targets for hackers. First it was Mirai and now it’s Hajime, and it’s only a matter of time before the next IoT malware is launched.

As of early May, reports estimate that Hajime had amassed more than 300,000 devices in its network of hacked devices (also known as a botnet), turning them into what is frequently referred to as “virtual zombies.” No, this doesn’t mean your smart refrigerator is going to come after you Walking Dead style, but instead it refers to a device that has been compromised and is now able to execute nefarious commands from a remote botnet controller. The problem is, the cyber criminals behind these attacks are smart and are careful not to disrupt the device’s normal functions, so frequently it is impossible to know whether your device is hacked.

So far, IoT malware has been used to carry out Distributed Denial of Service (DDoS) attacks. The way these DDoS attacks work is that the entire botnet is directed to flood a target server with a vast number of requests over the internet, thereby overwhelming the server with the end goal of ultimately disrupting service. Depending on the target, these outages can have far reaching impacts. As you may recall, in October 2016 a Mirai-based DDoS attack took out the DNS provider, Dyn, which caused numerous popular websites to go down across portions of the United States and Europe, including

  • Amazon
  • Twitter
  • Netflix

Although there haven’t been any reports of attacks carried out by Hajime (yet), experts agree that it’s only a matter of time. And in the meantime, they’re likely continuing to increase the size of the botnet… meaning when they do decide to strike, it will likely have a significant impact on its intended target.

So be sure you’re doing your part and take some basic precautionary measures to protect your IoT devices.

  1. ALWAYS change the default device password
  2. Connect devices to the internet via a secure network
  3. Be sure to close remote connections to devices as soon as your desired task is complete

And as always, if you have any questions or concerns about Hajime or other malware attacks, contact ATB – we’re here to help keep your technology safe and secure.

Call Us Today

Give us a call: 314-878-4166