Mirai Source Code

Technology experts warned for years that the millions of Internet-connected "smart" devices we use every day are weak, easily hijacked and could be turned against us.

The massive siege on Dyn, a New Hampshire-based company that monitors and routes Internet traffic, shows those ominous predictions are now a reality.

An unknown attacker intermittently knocked many popular websites offline for hours Friday, from Amazon to Twitter and Netflix to Etsy. How the breach occurred is a cautionary tale of the how the rush to make humdrum devices “smart” while sometimes leaving out crucial security can have major consequences.

The source code that powers the “Internet of Things” (IoT) botnet responsible for launching the historically large distributed denial-of-service (DDoS) attack this week is linked below. The Internet will continue to be flooded with attacks from many new botnets powered by insecure routers, IP cameras, digital video recorders and other easily hackable devices.

The leak of the source code was announced on the English-language hacking community Hackforums. The malware, dubbed “Mirai,” spreads to vulnerable devices by continuously scanning the Internet for IoT systems protected by factory default or hard-coded usernames and passwords.

https://github.com/jgamblin/Mirai-Source-Code/blob/6a5941be681b839eeff8ece1de8b245bcd5ffb02/mirai/bot/scanner.c#L123