UPDATE: Oct. 26, 2016, 12:48 p.m. EDT This post has been updated to amend Dyn's analysis of the number of devices used in the DDoS cyberattack.

A massive cyberattack on Friday on a key piece of internet infrastructure included around 100,000 individual devices that were coordinated using a piece of computer code recently released online.

Dyn released an update of its investigation into the attack. The company initially said it believed "10s of milllions" of devices to be involved, but later found that legitimate traffic had been at first mistaken for part of the attack.

Dyn, the company subject to the attack, released more details about the incident on Saturday, including the finding that a base code known as Mirai had helped build the botnet that caused widespread problems for users trying to access many major websites.

"We are still working on analyzing the data but the estimate at the time of this report is up to 100,000 malicious endpoints. We are able to confirm that a significant volume of attack traffic originated from Mirai-based botnets," wrote Scott Hilton, Dyn's head of product, in a blog post.

The attack used Mirai code that combs the internet for connected devices with weak security, then hijacks them to be used in distributed denial of services (DDoS) attacks. A DDoS attack uses a heavy flow of traffic to target and disrupt particular systems, rendering them unusable.

Kyle York, the chief strategy officer at Dyn, announced the new details as part of the company's investigation into the attack.

He noted that Dyn's systems are back to normal, but that the company is still on the lookout.

"At the time of this writing, we are carefully monitoring for any additional attacks," he wrote.

Flashpoint, a cybersecurity firm that is working with Dyn, told Mashable that among the devices hijacked for the attack were digital video recorders.