A distributed denial of service (DDoS) assault deployed tens of millions of IP addresses to make leading websites inaccessible to users.

The attack was directed against Dyn, a US internet infrastructure firm.

Major websites, including Airbnb, Amazon, Spotify and Twitter, were inaccessible to users on the Eastern seaboard of the US and parts of Europe.

“We can confirm, with the help of analysis from Flashpoint and Akamai, that one source of the traffic for the attacks were devices infected by the Mirai botnet. We observed 10s of millions of discrete IP addresses associated with the Mirai botnet that were part of the attack,” blogged Kyle York, Dyn’s chief strategy officer.

The Mirai botnet targets vulnerable IoT devices and makes them bombard popular websites with traffic, so making it impossible for genuine users to reach them. Typically, botnets look for IoT devices with factory default or hard-coded user names and passwords to exploit.

Mirai botnets were previously used in recent DDoS attacks against the Krebs On Security blog and OVH, a hosting firm, said Flashpoint.

Mirai malware targets IoT devices such as routers, digital video recorders (DVRs) and webcams/security cameras, taking control of these devices and then using them to conduct DDoS attacks, said the security firm.

Earlier this month, the hacker operating the Mirai botnet used in the Krebs’ DDoS released its source code online. Since this release, copycat hackers have used the malware to create botnets of their own in order to launch DDoS attacks, said Flashpoint.