Custom Search

Wednesday, October 18, 2017

Botnet Statistics [2017-10-17]

detection period: 2017-10-17 00:00-23:59 UTC
total number of suspected botnet IPs: 468
number of botnet IPs notified to network operators: 427
number of spam blocked: 50485
recipient count of spam blocked: 1004539

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1Baidu67
2UNICOM-ZJ65
3CHINANET-JS37
4WASU27
5VNPT-VNNIC-VN24
6CHINANET-GD23
7CMNET19
8CHINANET-HB11
9UNIFIEDLAYER-NETWORK-149
10FPT-VN8

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China271
2Viet Nam52
3United States20
4India12
5South Korea10
6Russian Federation8
7Thailand6
8Romania6
9Brazil5
10Turkey4

Suspected Bot List [2017-10-17]

detection period: 2017-10-17 00:00-23:59 UTC
number of suspected bots' IPs listed here: 41

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
CZ185.82.212.7Czech Republic
MN202.170.70.8Mongolia
RS89.216.28.123Serbia
RU95.68.240.209Russian Federation
RU185.127.25.68Russian Federation
TH203.156.163.35Thailand
US23.129.64.11United States
US23.129.64.12United States
US23.129.64.13United States
US23.129.64.14United States
US23.129.64.15United States

List from greylisting:

Tuesday, October 17, 2017

Botnet Statistics [2017-10-16]

detection period: 2017-10-16 00:00-23:59 UTC
total number of suspected botnet IPs: 975
number of botnet IPs notified to network operators: 813
number of spam blocked: 57311
recipient count of spam blocked: 1102116

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1VNPT-VNNIC-VN88
2UNICOM-ZJ73
3Baidu67
4WASU34
5CHINANET-JS34
6CMNET26
7CHINANET-GD26
8VIETEL-VN20
9FPT-VN14
10BHARTI-IN13

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China305
2Viet Nam154
3India61
4Brazil42
5Mexico35
6Iran29
7United States27
8Peru26
9Saudi Arabia19
10Turkey16