The author of the Mirai DDoS trojan, which was used to attack Brian Krebs’ website these past weeks, has published the source code of his malware following intense pressure from security researchers. The Mirai DDoS was first spotted in September 2016 by a security researcher named MalwareMustDie! It was found to be improved and sophisticated version of another DDoS trojan known under different names such as Bashlite, GayFgt, LizKebab, Torlus, Bash0day, and Bashdoor. A link to the malware code was posted on Hackforum by a user named “Anna-senpai,” who dubbed the malware “Mirai.” The malware is designed to infect Internet of Things (IoT) devices that haven’t changed their default usernames and passwords—a common occurrence in the frighteningly poor security used by IoT products like security cameras “smart” refrigerators, and other internet-connected home appliances. Mirai trojan gains control of the IoT devices and then uses them to conduct massive targeted DDoS attacks using a command and control server. “When I first go in DDoS industry, I wasn’t planning on staying in it long. I made my money, there’s lots of eyes looking at IOT now, so it’s time to GTFO,” Anna-senpai wrote. “So today, I have an amazing release for you. With Mirai, I usually pull max 380k bots from telnet alone. However, after the Kreb [sic] DDoS, ISPs been slowly shutting down and cleaning up their act. Today, max pull is about 300k bots, and dropping.” “So, I am your senpai, and I will treat you real nice, my hf-chan,” Anna-senpai added. Senpai is a Japanese honorific for learned man and is widely used in all levels of education, and in sports clubs, businesses, and informal or social organizations in Japan. The power of Mirai trojan can be deduced from the fact that it was used to conduct a whopping 620GB DDoS attack on Brian Krebbs website.