Custom Search

Thursday, June 21, 2018

Botnet Statistics [2018-06-20]

detection period: 2018-06-20 00:00-23:59 UTC
total number of suspected botnet IPs: 343
number of botnet IPs notified to network operators: 311
number of spam blocked: 34060
recipient count of spam blocked: 819525

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1KORNET-KR13
2CMNET10
3CHINANET-JS8
4TencentCloud7
5CO-ACSA-LACNIC6
6HINET-NET5
7FR-OVH5
8CHINANET-JX4
9BSNLNET4
10AT-88-Z4

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China89
2United States33
3South Korea24
4France24
5Brazil21
6Italy12
7India12
8Indonesia12
9Colombia9
10Thailand8

Suspected Bot List [2018-06-20]

detection period: 2018-06-20 00:00-23:59 UTC
number of suspected bots' IPs listed here: 32

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:

Wednesday, June 20, 2018

Botnet Statistics [2018-06-19]

detection period: 2018-06-19 00:00-23:59 UTC
total number of suspected botnet IPs: 230
number of botnet IPs notified to network operators: 217
number of spam blocked: 36302
recipient count of spam blocked: 772711

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1KORNET-KR6
2CHINANET-ZJ6
3TencentCloud5
4CMNET5
5CHINANET-JX5
6EC-CNGG-LACNIC4
7CHINANET-JS4
8VNPT-VNNIC-VN3
9IT-TIN-200702213
10EC-TESA-LACNIC3

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China56
2United States26
3France15
4South Korea11
5Brazil11
6Russian Federation10
7Italy10
8Ecuador9
9India8
10Viet Nam4