Custom Search

Monday, October 20, 2014

Suspected Bot List [2014-10-19]

detection period: 2014-10-19 00:00-23:59 UTC
number of suspected bots' IPs listed here: 22

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
MX201.116.227.163Mexico

List from greylisting:

Botnet Statistics [2014-10-19]

detection period: 2014-10-19 00:00-23:59 UTC
total number of suspected botnet IPs: 756
number of botnet IPs notified to network operators: 734
number of spam blocked: 28271
recipient count of spam blocked: 838748

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET461
2CHINANET-GD49
3UNICOM-ZJ43
4CHINANET-HB29
5UNICOM-GD14
6UNICOM-BJ10
7UNICOM-SD6
8CHINANET-SH3
9AMEN-FR-NETWORK3
10AE-EMIRNET-200504203

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1Taiwan461
2China185
3United States11
4United Kingdom7
5France7
6India6
7Russian Federation5
8South Korea5
9Viet Nam4
10Hong Kong4

Sunday, October 19, 2014

Suspected Bot List [2014-10-18]

detection period: 2014-10-18 00:00-23:59 UTC
number of suspected bots' IPs listed here: 39

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
MX201.116.227.163Mexico

List from greylisting: