Tech experts puzzled by intentions of hacker.
Security researchers are stumped by a newly discovered worm that has infected thousands of connected devices, including wireless routers, home WiFi-enabled security cameras, DVRs, and more. The worm, called Hajime, seems to have no attack code, but does display a message to its victims: “Just a white hat, securing some systems.”
White hat hacker
What does that even mean? An anonymous white hat hacker is taking matters into his or her own hands, seeking out the vulnerabilities and logging them, all without causing any harm? Of course it’s possible. But even if the hacker has no ill intentions, that doesn’t mean someone else won’t. And once the backdoor to your device is created, it’s wide open.
This type of white hat poking around isn’t always problematic, of course. The recently discovered database of nearly one million senior citizens’ complete identities, allegedly posted online due to an amateur-hour mistake by a software developer, was discovered and reported by someone who was simply logging access to connected devices. He could have had an instant payday with that many different complete identities, but instead his report got the database deleted.
However, tech-experts are already correlating Hajime’s arrival and mechanism to Mirai, which is far from innocent and has been blamed for the DDoS attacks that crippled a number of high-profile websites last fall. Researchers have already discovered that Hajime is specifically searching for devices that (coincidentally or not) allow Mirai to infect. It’s possible that someone is seeking out vulnerabilities with the seemingly innocent Hajime, then letting Mirai follow in its virtual footsteps.
At the same time, it’s possible that someone is targeting potential Mirai victims in order to get consumers on board with securing their connections and get companies to step up their security game. Interestingly, Hajime seems to be spreading faster than some of the more well-known IoT-targeting worms out there.