(22.2.2016) The hacker said there was no specific goal to their attack, but said that their prime motivation for the backdoor was to build a botnet. The hacker used malware dubbed Tsunami, an easy-to-implement backdoor, which when activated quietly connects to an IRC server where it waits for commands.

Yonathan Klijnsma, senior threat intelligence analyst working at Dutch security firm Fox-IT, said Tsunami is often used to take down websites and servers — by sending a „tsunami“ of traffic to knock its target offline.