The source code for the malware Mirai has been released to the public. This source code, released on Hackforums, can be used to create an Internet of Things botnet that can launch a massive distributed denial of service attack.Last month, it was used to attack KrebsonSecurity and it is almost guaranteed that more attacks will follow.The power of Mirai comes from a growing number of insecure cameras, routers, and other\u00a0IoT devices that have been taken over by the malware. So far, the Mirai devices have reached 164 countries.To give you an idea of the scope of the IoT,\u00a0Cisco is expecting\u00a0the number of connected devices to increase from the current 15 billion in 2016 to 50 billion by 2020. Intel thinks that number is low and that there will be over 200 billion connected devices by that time. Some of these devices include 173.4 million wearable devices. 90% of cars are expected to be connected to the Internet as well.Once taken over, these devices can then become part of a botnet, which can be used to take websites offline.When a hacker calling him\/herself \u201cAnna-senpai\u201d released the source code, they left the following message on the forum:\u201cWhen I first go in DDoS industry, I wasn\u2019t planning on staying in it long. I made my money, there\u2019s lots of eyes looking at IoT now, so it\u2019s time to\u00a0GTFO. So today, I have an amazing release for you. With Mirai, I usually pull max 380k bots from telnet alone. However, after the Kreb [sic] DDoS, ISPs been slowly shutting down and cleaning up their act. Today, max pull is about 300k bots, and dropping.\u201dInteresting Facts UncoveredEven though Anna-senpai mentions ISPs \u201ccleaning up their act,\u201d researchers do not believe he\/she did this for altruistic reasons.One of the interesting things uncovered by researchers is that there is a hardcoded list of IP addresses that the Mirai bots are instructed to avoid when scanning for machines. Some of these include the US Post Office, GE, US Department of Defense, HP, and the Internet Assigned Numbers Authority.The code for the command-and-control interface is written in English, but contains strings in Russian. This leads some to speculate that it was developed by either Russian hackers or possibly some of the hackers were Russian in origin.How It Works\u201cMirai isn\u2019t really a fancy piece of malware, but it\u2019s effective and spreads quickly because it targets Internet of Things (IoT) devices that are extremely easy to hack. These devices, mostly DVRs and surveillance cameras, use default and predictable passwords, such asadmin\u00a0and\u00a0123456,root\u00a0and\u00a0password, or\u00a0guest\u00a0and\u00a0guest, among others,\u201d says\u00a0Lorenzo Franceschi-Bicchierai\u00a0at Motherboard.Mirai constantly scans IoT devices on the internet that use hard-coded or factory default usernames and passwords. Once these devices are infected, they contact the command-and-control servers and get the information about their next target.Once they have the target information, they start sending traffic to the target. With enough of these devices acting together, it\u2019s sufficient to shut down most websites. Since the biggest impact the botnet will have on an individual infected machine is slower bandwidth, most owners of the equipment have no idea that their hardware is infected and will allow the behavior to continue.\u201cAkamai\u2019s Shaul says attackers are using smaller packets in their attacks, which stresses the networking equipment near the targeted servers as well as the servers themselves. Routers have to spend processing power for each packet regardless of length, so boosting the sheer number of packets can cause network bottlenecks,\u201d says\u00a0Tim Greene\u00a0at NetworkWorld.Cleaning Up the Systems and Preventing Botnet AttacksWhile it is true that cleaning up the infection can be as simple as a reboot, which wipes the malicious code from memory, the malware is constantly scanning for vulnerable devices. This results in a device being reinfected within minutes of being rebooted.The problem is that IoT device manufacturers are creating devices based on functionality and not security. This will need to change in the future.For now, check out our article that shows\u00a0how to prevent infection.ConclusionWhat effects will this have on the internet as we know it? It\u2019s likely that we will start seeing slower internet speeds as more devices on the IoT become hacked and start using more bandwidth as a result.The Mirai source code is now freely available and we should expect more botnet attacks as a result. In addition to this, it\u2019s important to protect your network using next-generation endpoint protection with\u00a0SentinelOne.