The Twitter account uses data compiled by researchers known as MalwareTech and 2sec4u, who have been mapping the spread of the malware ever since it was found responsible for a record-breaking DDoS attack against the website of cybersecurity reporter Brian Krebs. Following that attack, a hacker named Anna-senpai released the malware source code for free through a criminal hacking forum, presumably to cover their tracks as the attacks began making headlines. The malware is designed to scan for security cameras and other internet-connected “smart” devices that are still using their default passwords.
It’s still unclear who is behind the attacks, and several distinct Mirai botnets have emerged since the malware’s release. According to the researchers, the botnets have even been observed attacking one another, in some kind of bizarre cyber-dystopian turf war.
In any case, it’s probably a good idea to change the passwords on all your Internet of Things devices—or preferably keep them offline altogether.