Threat Database Trojans Hajime Botnet

Hajime Botnet

By GoldSparrow in Trojans

The Hajime Botnet is described by computer security experts as a decentralized Internet Worm for IoT devices. The Hajime Botnet is a persistent cyber-threat that is based on the Mirai Botnet. The Hajime Botnet appeared on security bulletins in October 2016, and it remains a comparatively successful program at the time of writing this. The Hajime Botnet is reported to control over 300,000 devices, and it is suspected that it is used for DDoS attacks predominantly. These huge Botnets can generate a respectable revenue given there are plenty of third-party threat actors using the available network bandwidth, which is considerable.

The Hajime Botnet is known to compromise DVRs, home routers, cloud cameras, IP phones, home cinema rigs and many models of IoT devices. The Hajime Botnet is designed to exploit the TR-069 application layer protocol for remote device management, attack IoT devices by attempting to log in with the default vendor password (Telnet attack) and try to breach Arris cable modems. The Hajime Botnet malware is known to send specially crafted HTTP requests to TR-069 enabled devices in attempts to trigger an exploit and run arbitrary code. A successful attack would open a port on the targeted device and allow the threat actors to send commands. Then, they can download port-scanning software, install a proxy and gain complete control of the machine. IoT users are encouraged to update the firmware on their devices and make sure to use custom passwords that are at least sixteen characters long and include special symbols if possible.


Most Viewed