Hajime (383fd414-3805-11e8-ac12-c7b5af38ff67)
Hajime (meaning ‘beginning’ in Japanese) is an IoT worm that was first mentioned on 16 October 2016 in a public report by RapidityNetworks. One month later we saw the first samples being uploaded from Spain to VT. This worm builds a huge P2P botnet (almost 300,000 devices at the time of publishing this blogpost), but its real purpose remains unknown. It is worth mentioning that in the past, the Hajime IoT botnet was never used for massive DDoS attacks, and its existance was a mystery for many researchers, as the botnet only gathered infected devices but almost never did anything with them (except scan for other vulnerable devices).
Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
---|---|---|---|---|
Hajime (383fd414-3805-11e8-ac12-c7b5af38ff67) | Botnet | Hajime (ff8ee85f-4175-4f5a-99e5-0cbc378f1489) | Malpedia | 1 |