In 2016, a malware referred to as Mirai was discovered to be zeroing in on IoT devices to conscript them into a vast botnet. As Wired described it back then, “Mirai already has enough fodder to sustain it for years—and more susceptible products roll off of assembly lines every day.” It excelled at launching DDoS attacks, which knocked out the internet for millions of people. That was then. Now, today, a new IoT botnet is forming and it makes Mirai look like a warm-up act.

While the new botnet appears to share some of the code used for Mirai, researchers firmly agree that this is a new botnet entirely–and is far more sophisticated. Based on research by Check Point, Anthony Cuthbertson describes in Newsweek: “The latest campaign shares similar technical aspects to Mirai but is far more dangerous as it is able to ‘evolve’ in order to exploit vulnerabilities in devices connected to the so-called ‘Internet of Things….’ From there, infected devices spread the malware to other connected devices.

According to Check Point researchers who first discovered signs of the botnet in the last few days of September, the new botnet is recruiting IoT devices at a far greater pace and with more potential damage than the Mirai botnet of 2016.

So far, researchers believe an estimated million organizations have already been infected.

Read the full story at Check Point Research.