Custom Search

Saturday, May 28, 2016

Suspected Bot List [2016-05-27]

detection period: 2016-05-27 00:00-23:59 UTC
number of suspected bots' IPs listed here: 754

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:

Botnet Statistics [2016-05-27]

detection period: 2016-05-27 00:00-23:59 UTC
total number of suspected botnet IPs: 5067
number of botnet IPs notified to network operators: 4313
number of spam blocked: 3897
recipient count of spam blocked: 33720

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1MX-USCV4-LACNIC436
2WASU258
3VNPT-VNNIC-VN144
4HINET-NET141
5PTCLBB-PK107
6BSNLNET82
7UNICOM-ZJ66
8SONET-NET66
9CHINANET-JS64
10BHARTI-IN59

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1Mexico783
2China614
3India531
4Viet Nam358
5Iran232
6Taiwan210
7Colombia183
8Pakistan135
9Turkey134
10Brazil123

Friday, May 27, 2016

Suspected Bot List [2016-05-26]

detection period: 2016-05-26 00:00-23:59 UTC
number of suspected bots' IPs listed here: 124

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting: