Custom Search

Wednesday, May 27, 2015

Suspected Bot List [2015-05-26]

detection period: 2015-05-26 00:00-23:59 UTC
number of suspected bots' IPs listed here: 101

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:

Botnet Statistics [2015-05-26]

detection period: 2015-05-26 00:00-23:59 UTC
total number of suspected botnet IPs: 1760
number of botnet IPs notified to network operators: 1659
number of spam blocked: 136131
recipient count of spam blocked: 3387532

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET1031
2CHINANET-GD26
3UNICOM-BJ22
4CHINANET-JS15
5TurkTelekom13
6CHINANET-HN12
7CHINANET-YN11
8CHINANET-SX11
9CCCH3-411
10WASU9

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1Taiwan1034
2China158
3United States112
4Turkey48
5France41
6United Kingdom26
7Spain22
8India16
9Germany16
10South Africa14

Tuesday, May 26, 2015

Suspected Bot List [2015-05-25]

detection period: 2015-05-25 00:00-23:59 UTC
number of suspected bots' IPs listed here: 20

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting: