By using infected Windows computers, Mirai can spread its malware much faster.
Forbes Tech explains:
You’ve no doubt heard of the Mirai botnet, and you’ve probably seen at least one display of its power. Last fall, it was responsible for an attack that crippled access to Amazon, Twitter, Netflix, and many more of the most popular sites on the Internet. That attack was carried out by Mirai’s army of infected Internet Of Things (IOT) devices.
That army of devices was also how that army enlisted new recruits. In addition to providing DDoS muscle, they also spread the infection to other vulnerable devices. Now, however, researchers have discovered a Mirai botnet seeking help from a new source: Windows computers. They’re not being used to assist in the actual DDoS attacks. They’re helping Mirai search for new devices to infect.
The way Mirai spreads is by logging in to IoT devices using a list of known username and password combinations. Makers of IoT devices have been notoriously lax when it comes to password security, which is what allowed Mirai become so powerful so quickly. IoT devices have obviously served the cybercriminals who utilize Mirai quite well so far, so why turn to Windows computers for assistance?