IMO, there is less danger of an ESP8266 being misused than something like a consumer product, an IP camera or a smart refrigerator or a smart TV. These consumer devices are pre-programmed by the factory and sit on the field side (LAN) of the home router. Therefore, these smart consumer devices can easily open a port on the router if they have gotten their IP addresses from DHCP on the home router.
When the ESP8266 is used with the Arduino IDE, the flash is erased (the AT or LUA code is overwritten) by the Arduino upload programming. Thus, any vector existing in flash is erased. So, what happens is that the Arduino C++ binary code and a copy of the Espressif binaries to support the call APIs are uploaded. The remainder of the flash can be used for SPIFFS.
We hobbyists can do our hobby a lot of good by not overhyping these DDoS attacks and certainly by not associating parts like the ESP8266 in the same context as DDoS. One could maliciously program a zillion ESP8266 to create a flood of traffic, but the flood would come from our own IP addresses and the ISP would quickly shut us down. Yes, one could give away a zillion pre-programmed devices but that appears to me to be unlikely.
The first "D" in DDoS is Distributed. The devices succeed only if they are widely separated on the Internet. If all of the traffic is being generated from someone's home or business, the bandwidth is simply not sufficient to do a great deal of damage for any length of time. ISPs do monitor such behavior and there are procedures in place to shut down feeds that are known to contribute to an active attack.
I would like to hear which site you got this from...
Why? Really, I do not wish to know.
As a good author and to stay on the legal side of licensing, I chronicled all my sources within the source code. A lot can be learned from studying malicious code; I find it no different than a policeman studying the behavior of criminals in an effort to build profiles to capture the bad guys.
Where things go wrong is when a hobbyist maliciously uses something like an ESP8266 to disrupt traffic or take down a WiFi network or free Internet connection at McDonalds. I am not here to make judgments but I will ask that if you decide to download and run the hacker code that you do so only on your own networks and that you do not interfere with other users.