Custom Search

Sunday, July 23, 2017

Botnet Statistics [2017-07-22]

detection period: 2017-07-22 00:00-23:59 UTC
total number of suspected botnet IPs: 535
number of botnet IPs notified to network operators: 510
number of spam blocked: 69749
recipient count of spam blocked: 1724837

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1CMNET58
2UNICOM-ZJ42
3HOST4GEEKS42
4CHINANET-JS39
5CHINANET-ZJ27
6WASU23
7Baidu21
8CLOUD-SOUTH16
9CHINANET-HB13
10SERVERCRATE12

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China302
2United States106
3Hong Kong46
4Singapore12
5Russian Federation11
6Taiwan7
7Brazil6
8Germany5
9Italy4
10France4

Suspected Bot List [2017-07-22]

detection period: 2017-07-22 00:00-23:59 UTC
number of suspected bots' IPs listed here: 26

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
LY197.215.136.166Libya
RU78.107.233.237Russian Federation
RU89.111.177.211Russian Federation
RU90.188.95.206Russian Federation
RU91.197.234.102Russian Federation
RU185.127.25.68Russian Federation
SG112.140.184.136Singapore
SG112.140.184.139Singapore
SG112.140.184.147Singapore
SG112.140.187.82Singapore
TH61.7.228.51Thailand
US206.125.41.139United States

List from greylisting:

Saturday, July 22, 2017

Botnet Statistics [2017-07-21]

detection period: 2017-07-21 00:00-23:59 UTC
total number of suspected botnet IPs: 861
number of botnet IPs notified to network operators: 799
number of spam blocked: 88272
recipient count of spam blocked: 2034731

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1CMNET77
2CHINANET-HB68
3CHINANET-JS62
4HOST4GEEKS61
5UNICOM-HB44
6WASU41
7UNICOM-ZJ34
8SHARKTECH-329
9Baidu20
10ThrustVPS_PT15

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China500
2United States138
3Hong Kong65
4Russian Federation17
5United Kingdom15
6Singapore12
7India12
8Viet Nam10
9Netherlands10
10Republic Of Moldova10