Custom Search

Tuesday, February 21, 2017

Suspected Bot List [2017-02-20]

detection period: 2017-02-20 00:00-23:59 UTC
number of suspected bots' IPs listed here: 60

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:

Botnet Statistics [2017-02-20]

detection period: 2017-02-20 00:00-23:59 UTC
total number of suspected botnet IPs: 996
number of botnet IPs notified to network operators: 936
number of spam blocked: 135938
recipient count of spam blocked: 4008566

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET619
2VNPT-VNNIC-VN28
3CHINANET-GD23
4MX-IPMS2-LACNIC7
5FPT-VN7
6CO-ACSA-LACNIC7
7PE-TPSA-LACNIC6
8VIETEL-VNNIC-VN5
9ETC-VNNIC-VN5
10Chinafic5

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1Taiwan621
2China61
3Viet Nam59
4India38
5Mexico20
6Brazil20
7Iran16
8Colombia16
9Turkey15
10Peru9

Monday, February 20, 2017

Suspected Bot List [2017-02-19]

detection period: 2017-02-19 00:00-23:59 UTC
number of suspected bots' IPs listed here: 95

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting: