Most sources are claiming that so far no-one has been able to obtain a copy of the attacking code for analysis. As this is banging on my front door fairly hard despite the protections in place (which are so far holding up well), if anyone gets their hands on a sample I'd appreciate a copy if possible. 'Know your enemy' etc.
My main thought though is; given the increase in DDoS and botnets, why hasn't someone implemented this sooner? And why do people seem surprised by the development?