Author: Michael Kan / Source: InfoWorld
Mirai—a notorious malware that’s been enslaving IoT devices—has competition.
A rival piece of malware has been infecting some of the same easy-to-hack internet-of-things (IoT) products, with a resiliency that surpasses Mirai's, according to security researchers.
“You can almost call it Mirai on steroids,” said Marshal Webb, CTO at BackConnect, a provider of services to protect against distributed denial-of-service (DDoS) attacks.
Security researchers have dubbed the rival IoT malware Hajime, and since it was discovered more than six months ago, it’s been spreading unabated and creating a botnet. Webb estimates it’s infected about 100,000 devices across the globe.
These botnets, or networks of enslaved computers, can be problematic. They’re often used to launch massive DDoS attacks that can take down websites or even disrupt the internet’s infrastructure.
That’s how the Mirai malware grabbed headlines last October. A DDoS attack from a Mirai-created botnet targeted DNS provider Dyn, shutting down and slowing internet traffic across the U.S.
Hajime was first discovered in the same month, when security researchers at Rapidity Networks were on the lookout for Mirai activity. What they found instead was something similar, but also more tenacious.
Like Mirai, Hajime also scans the internet for poorly secured IoT devices like cameras, DVRs, and routers. It compromises them by trying different username and password combinations and then transferring a malicious program.
However, Hajime doesn’t take orders from a command-and-control server like Mirai-infected devices do. Instead, it communicates over a peer-to-peer network built off protocols used in BitTorrent, resulting in a botnet that’s more decentralized—and harder to stop.
“Hajime is much, much more advanced than Mirai,” Webb said. “It has a more effective way to do command…