The new Hajime botnet is a new Iot security threat, which has infected 300,000 user as described below.  With peer-to-peer designs, each infected client almost becomes a “server” and researchers are having difficultly finding the true command-and-control servers

http://www.csoonline.com/article/3192898/security/next-gen-iot-botnet-hajime-nearly-300k-strong.html

The Hajime botnet is nearly 300,000 strong, making it a latent threat nearly as powerful as the notorious Mirai botnet that devastated high-profile websites last fall, leading some to think the internet had been broken. Researchers at Kaspersky Lab came up with the number 297,499, says Igor Soumenkov, principal researcher at Kaspersky Lab.

In some ways Hajime is more impressive than Mirai and may be harder to stop if its creators ever decide to put it to malicious use, says Drew. It uses BitTorrent 2.0 to communicate, he says, making Hajime a peer-to-peer botnet. “Everything is a node and everything is command and control,” Drew says. “It’s very, very difficult to cut the head off.  It will upload a file containing an attack module to one device, and it would spread the file among the rest, Soumenkov says. There aren’t just a few command and control servers to knock out and take the botnet down.