‘Good’ anti-Mirai worm is pulled from Github following backlash

Good virus? Not a good idea.

Graham Cluley
Graham Cluley
@[email protected]

Anti-Mirai worm pulled from Github

Matthew Broersma at TechWeek Europe has noticed that researcher Leo Linsky’s “anti-worm worm” – designed to spread like a worm, breaking into vulnerable web-connected cameras and other devices to change their default login credentials and thus protect them from future attack – has disappeared from Github.

Sure enough, if your check out Linsky’s Netamode project on Github this is what you will currently see:

Github 404

Sign up to our free newsletter.
Security news, advice, and tips.

However, the rest of Linsky’s code repositories remain available for download from Github.


It would be natural to assume that Linsky has had second thoughts about publicly distributing the code, which some in the security community (including me) expressed concerns about, and which even Linsky warned should only be used in closed research environments.

As security veteran Vesselin Bontchev described over 20 years ago, good viruses are still a bad idea.

Found this article interesting? Follow Graham Cluley on Twitter or Mastodon to read more of the exclusive content we post.

Graham Cluley is a veteran of the cybersecurity industry, having worked for a number of security companies since the early 1990s when he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows. Now an independent analyst, he regularly makes media appearances and is an international public speaker on the topic of cybersecurity, hackers, and online privacy. Follow him on Twitter, Mastodon, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.