Suspected Bot List [2013-05-24]

detection period: 2013-05-24 00:00-23:59 UTC
number of suspected bots' IPs listed here: 437

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country code	IP address	Country
AE	83.111.92.120	Arab Emirates
AE	194.170.149.22	Arab Emirates
AL	82.114.70.102	Albania
AM	46.162.230.50	Armenia
AO	41.63.166.3	Angola
BD	180.211.179.30	Bangladesh
BO	200.119.200.131	Bolivia
BR	150.161.30.7	Brazil
BR	177.137.0.123	Brazil
BY	213.184.241.88	Belarus
CI	213.136.105.210	Ivory Coast
CR	190.10.122.121	Costa Rica
CZ	80.188.2.54	Czech Republic
DE	84.11.89.66	Germany
ES	212.49.136.26	Spain
ES	213.0.89.6	Spain
ES	217.16.255.159	Spain
GB	77.246.20.2	United Kingdom
GB	193.164.207.16	United Kingdom
HN	190.107.140.77	Honduras
IL	82.102.158.5	Israel
IN	49.128.162.50	India
IN	111.93.108.194	India
IN	115.115.142.54	India
IN	117.218.129.170	India
IN	117.240.239.120	India
IN	118.94.179.98	India
IN	122.180.71.10	India
IN	122.180.96.110	India
IN	122.183.99.146	India
IN	182.72.118.131	India
IN	182.73.111.162	India
IN	182.73.139.30	India
IN	202.63.105.226	India
IQ	95.159.105.2	Iraq
IQ	109.224.20.138	Iraq
IR	82.99.246.10	Iran
IR	89.165.109.165	Iran
IR	194.33.126.10	Iran
IR	212.16.76.162	Iran
IT	93.88.37.10	Italy
IT	149.139.10.132	Italy
JO	87.236.232.231	Jordan
JO	109.107.132.172	Jordan
KW	62.150.12.46	Kuwait
KW	213.132.241.7	Kuwait
LB	212.36.193.188	Lebanon
LB	213.175.188.158	Lebanon
MV	202.21.182.26	Republic of Maldives
MX	148.204.14.253	Mexico
MX	148.208.224.251	Mexico
MX	177.224.19.159	Mexico
MX	177.224.245.64	Mexico
MX	177.228.74.25	Mexico
MX	177.228.75.63	Mexico
MX	187.162.207.98	Mexico
MX	189.194.170.198	Mexico
MX	200.33.20.40	Mexico
MX	200.53.147.250	Mexico
MX	201.132.167.105	Mexico
MX	201.159.106.90	Mexico
NG	41.223.65.101	Nigeria
NI	186.1.10.154	Nicaragua
PA	190.33.184.107	Panama
PG	180.150.252.66	New Guinea
PH	112.199.89.158	Philippines
PH	121.97.26.86	Philippines
PH	202.86.204.202	Philippines
PK	61.5.156.196	Pakistan
PK	111.68.104.132	Pakistan
PK	124.109.47.66	Pakistan
PK	202.69.40.170	Pakistan
PK	202.69.45.52	Pakistan
RO	89.120.75.51	Romania
RO	91.220.26.4	Romania
RS	178.149.63.175	Serbia
RS	178.149.182.28	Serbia
RU	81.24.85.98	Russian Federation
SA	94.77.199.148	Saudi Arabia
SE	46.246.28.47	Sweden
SK	93.184.71.66	Slovakia
TN	41.230.10.190	Tunisia
TR	82.222.189.43	Turkey
TR	193.255.143.63	Turkey
TW	36.226.0.6	Taiwan
TW	36.226.0.174	Taiwan
TW	36.226.0.232	Taiwan
TW	61.228.0.192	Taiwan
TW	180.218.233.132	Taiwan
TW	220.137.0.122	Taiwan
UA	91.212.124.153	Ukraine
UA	178.151.68.210	Ukraine
UA	178.151.86.1	Ukraine
US	50.192.170.241	United States
US	50.194.150.131	United States
US	66.190.188.60	United States
US	96.32.107.166	United States
US	108.163.195.37	United States
US	192.161.54.12	United States
US	192.211.58.108	United States
US	198.154.60.221	United States
US	199.193.66.161	United States
US	206.217.198.12	United States
US	209.239.112.104	United States
VE	190.93.44.76	Venezuela
ZW	41.57.125.190	Zimbabwe
ZW	41.57.127.4	Zimbabwe

List from greylisting:

Botnet Statistics [2013-05-24]

detection period: 2013-05-24 00:00-23:59 UTC
total number of suspected botnet IPs: 9216
number of botnet IPs notified to network operators: 8790
number of spam blocked: 102589
recipient count of spam blocked: 3086617

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

Rank	Network	# of suspected botnet IPs
1	UNICOM-HA	1819
2	CHINANET-HB	1486
3	UNICOM-HB	1225
4	CHINANET-HE	921
5	HINET-NET	461
6	UNICOM-HN	243
7	CHINANET-HA	223
8	CHINANET-GD	219
9	CTTNET	123
10	CRTC	94

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

Rank	Country	# of suspected botnet IPs
1	China	7107
2	Taiwan	483
3	United States	434
4	Brazil	100
5	Russian Federation	85
6	India	73
7	Spain	55
8	Argentina	48
9	Germany	45
10	Iran	44

Suspected Bot List [2013-05-23]

detection period: 2013-05-23 00:00-23:59 UTC
number of suspected bots' IPs listed here: 355

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country code	IP address	Country
AE	83.111.92.120	Arab Emirates
AE	194.170.149.22	Arab Emirates
AL	82.114.70.102	Albania
AM	46.162.230.50	Armenia
AO	196.223.13.230	Angola
BG	212.73.156.197	Bulgaria
BO	200.119.200.131	Bolivia
BO	201.222.117.26	Bolivia
BR	150.161.30.7	Brazil
BR	177.137.0.123	Brazil
BY	213.184.241.88	Belarus
CA	198.50.166.144	Canada
CI	213.136.105.210	Ivory Coast
CO	190.0.60.238	Colombia
DE	84.11.89.66	Germany
ES	212.49.136.26	Spain
ES	213.0.89.6	Spain
GB	77.246.20.2	United Kingdom
GB	193.164.207.16	United Kingdom
GT	200.30.165.178	Guatemala
HN	190.107.140.77	Honduras
IL	82.102.158.5	Israel
IN	27.49.107.83	India
IN	59.96.66.2	India
IN	117.239.29.114	India
IN	117.240.239.120	India
IN	117.244.15.245	India
IN	118.94.179.98	India
IN	122.180.71.10	India
IN	122.180.96.110	India
IN	122.183.99.146	India
IN	182.72.118.131	India
IN	182.73.111.162	India
IN	182.73.139.30	India
IN	202.63.105.226	India
IQ	95.159.105.2	Iraq
IQ	109.224.20.138	Iraq
IR	89.165.109.165	Iran
IR	94.183.138.253	Iran
IR	212.16.76.162	Iran
IT	91.214.62.59	Italy
IT	149.139.10.132	Italy
JO	87.236.232.231	Jordan
JO	109.107.132.172	Jordan
KW	213.132.241.7	Kuwait
KZ	91.185.21.34	Kazakhstan
LB	212.36.193.188	Lebanon
LB	213.175.188.158	Lebanon
MV	202.21.182.26	Republic of Maldives
MX	148.204.14.253	Mexico
MX	177.224.19.159	Mexico
MX	177.228.74.25	Mexico
MX	177.228.75.63	Mexico
MX	187.162.207.98	Mexico
MX	187.247.92.77	Mexico
MX	189.194.170.198	Mexico
MX	200.33.20.40	Mexico
MX	200.53.147.250	Mexico
MX	200.57.144.81	Mexico
MX	201.132.167.105	Mexico
MX	201.159.106.90	Mexico
MX	201.164.163.184	Mexico
NG	41.223.65.101	Nigeria
NI	186.1.10.154	Nicaragua
PG	180.150.252.66	New Guinea
PH	121.97.26.86	Philippines
PH	202.86.204.202	Philippines
PH	202.124.193.11	Philippines
PK	61.5.156.196	Pakistan
PK	111.68.104.132	Pakistan
PK	124.109.47.66	Pakistan
PK	125.209.67.38	Pakistan
PK	202.69.40.170	Pakistan
PK	202.69.45.52	Pakistan
PK	202.142.158.122	Pakistan
RO	89.120.75.51	Romania
RO	91.220.26.4	Romania
RS	178.149.63.175	Serbia
RS	178.149.182.28	Serbia
RU	81.24.85.98	Russian Federation
RU	194.24.241.235	Russian Federation
SA	94.77.199.148	Saudi Arabia
SA	212.138.144.5	Saudi Arabia
SV	190.150.101.13	El Salvador
TN	41.230.10.190	Tunisia
TR	82.222.189.43	Turkey
TR	193.255.143.62	Turkey
TW	61.228.0.228	Taiwan
UA	91.212.124.153	Ukraine
UA	178.151.68.210	Ukraine
UA	178.151.86.1	Ukraine
UNKNOWN	190.52.205.5	UNKNOWN
US	50.194.150.131	United States
US	66.190.188.60	United States
US	108.163.195.37	United States
US	173.184.189.237	United States
US	192.161.54.12	United States
US	192.211.58.108	United States
US	198.154.60.221	United States
US	199.193.66.161	United States
US	207.157.71.132	United States
US	209.239.112.104	United States
VE	190.93.44.76	Venezuela
ZW	41.57.125.190	Zimbabwe
ZW	41.57.127.4	Zimbabwe

List from greylisting: