Custom Search

Sunday, May 27, 2018

Botnet Statistics [2018-05-26]

detection period: 2018-05-26 00:00-23:59 UTC
total number of suspected botnet IPs: 180
number of botnet IPs notified to network operators: 168
number of spam blocked: 30891
recipient count of spam blocked: 796491

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1TencentCloud11
2CHINANET-JS8
3CHINANET-ZJ4
4broadNnet-KR3
5KORNET-KR3
6CHINANET-YN3
7CHINANET-JX3
8VNPT-VNNIC-VN2
9UNICOM-LN2
10UNICOM-CN2

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China63
2United States18
3Italy12
4France9
5South Korea8
6Thailand7
7Russian Federation7
8India6
9Brazil6
10Colombia4

Suspected Bot List [2018-05-26]

detection period: 2018-05-26 00:00-23:59 UTC
number of suspected bots' IPs listed here: 12

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:

Saturday, May 26, 2018

Botnet Statistics [2018-05-25]

detection period: 2018-05-25 00:00-23:59 UTC
total number of suspected botnet IPs: 370
number of botnet IPs notified to network operators: 352
number of spam blocked: 35237
recipient count of spam blocked: 824124

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1TencentCloud13
2KORNET-KR11
3CHINANET-JS10
4VNPT-VNNIC-VN7
5TENCENT-CN6
6broadNnet-KR5
7ZZGIANT4
8FR-OVH4
9DOPI14
10CO-ACSA-LACNIC4

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China86
2United States43
3France36
4Russian Federation20
5South Korea19
6Brazil19
7India18
8Italy15
9Viet Nam11
10United Kingdom9