A Chinese-speaking attacker is spreading a Mirai variant from a repurposed Windows-based botnet. Kaspersky Lab researchers say the code was written by an experienced developer who also built in the capability to spread the malware to Linux machines under certain conditions. The only way the Windows botnet can spread to Linux is by running a brute force attack against a remote telnet connection on a device. Mirai variants have been popping up in steady streams since the source code was made public last October, weeks before a large-scale DDoS attack took down DNS provider Dyn.
Source: https://threatpost.com/windows-botnet-spreading-mirai-variant/123805/