Custom Search

Friday, July 31, 2015

Suspected Bot List [2015-07-30]

detection period: 2015-07-30 00:00-23:59 UTC
number of suspected bots' IPs listed here: 20

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
CA167.114.20.225Canada

List from greylisting:

Botnet Statistics [2015-07-30]

detection period: 2015-07-30 00:00-23:59 UTC
total number of suspected botnet IPs: 2988
number of botnet IPs notified to network operators: 2968
number of spam blocked: 245236
recipient count of spam blocked: 3067031

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET1073
2CHINANET-ZJ-JH364
3UNICOM-ZJ256
4WASU225
5CHINANET-AH210
6CHINANET-GD206
7WASU-BB197
8CHINANET-SC105
9VNPT-VNNIC-VN32
10CHINANET-JS22

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China1684
2Taiwan1080
3Viet Nam80
4United States20
5Brazil19
6Russian Federation15
7Kazakhstan8
8Hong Kong8
9India7
10Ukraine6

Thursday, July 30, 2015

Suspected Bot List [2015-07-29]

detection period: 2015-07-29 00:00-23:59 UTC
number of suspected bots' IPs listed here: 23

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting: