Custom Search

Thursday, March 23, 2017

Suspected Bot List [2017-03-22]

detection period: 2017-03-22 00:00-23:59 UTC
number of suspected bots' IPs listed here: 18

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
UY167.57.10.212Uruguay

List from greylisting:

Botnet Statistics [2017-03-22]

detection period: 2017-03-22 00:00-23:59 UTC
total number of suspected botnet IPs: 426
number of botnet IPs notified to network operators: 409
number of spam blocked: 1602
recipient count of spam blocked: 14257

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1UNICOM-ZJ107
2WASU77
3WASU-BB50
4CHINANET-JS9
5CHINANET-GD9
6VNPT-VNNIC-VN8
7CMNET7
8BSNLNET6
9MAIL-ESSENTIALS-FRANCE5
10Chinafic5

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China305
2India15
3Viet Nam13
4United States12
5France12
6Mexico7
7Russian Federation5
8Pakistan4
9Brazil4
10Peru3

Wednesday, March 22, 2017

Suspected Bot List [2017-03-21]

detection period: 2017-03-21 00:00-23:59 UTC
number of suspected bots' IPs listed here: 26

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting: