Hajime is a worm that is not catastrophic if it infects your device; It might even be a good thing.
It seems as if there are as many malware as there are devices worldwide; Most of them are very similar to each other, but once in a while one that really catches your eye appears.
Mirai, the malware that blocks Web media
Last year Mirai was the most destructive and infectious malware; their target were Internet of Things devices, whose security is almost non-existent.
Using a public list of passwords, Mirai is capable of taking control of most of our Internet of Things devices; thereafter, the person responsible for the attack is able to use our devices to carry out massive DDOS attacks.
Because of Mirai, last November an enormous amount of web pages and services were inaccessible; a DDOS attack involving countless devices It generated such an amount of traffic that it knocked out DNS servers.
The worst part of this situation is that there does not seem to be a simple solution in the short term. Most of the affected devices are from manufacturers that do not provide any type of support; they just sell them and abandon them.
Hajime, the unwanted protector
So Hajime, a worm that works similar to Mirai, It may not be the malware we deserve, but rather the one we need..
Its creator defines himself as a hacker in white hat (whitehat); These hackers are those who do not seek their own benefit, but to improve security. And in this case, it is the security of Internet of Things devices.
Once installed, Hajime prevents the device from being infected with Mirai. It closes the ports that Mirai usually uses to connect with other devices, and prevents the device from getting into massive DDOS attacks.
However, there are some details that reveal Hajime as the malware that it is. Hajime expands using a P2P network, whereby each infected device connects to others indirectly; thus, it is more difficult to detect on a network.
It also uses other methods to prevent your processes and files from being detected; and despite that, every ten minutes he displays a message boasting of his achievements in a terminal. And all this without saying anything that Hajime is forced to install itself on our devices.
So we have well-intentioned malware, or so it seems. The danger is that once you have taken control of our device, there really is no way to be sure that Hajime does not use them for evil purposes.
It is somewhat sad that the security of Internet of Things devices is so poor that projects like Hajime are necessary; the user should never depend on a third party, much less malware, to protect their device.