Custom Search

Tuesday, June 28, 2016

Suspected Bot List [2016-06-27]

detection period: 2016-06-27 00:00-23:59 UTC
number of suspected bots' IPs listed here: 82

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:

Botnet Statistics [2016-06-27]

detection period: 2016-06-27 00:00-23:59 UTC
total number of suspected botnet IPs: 2312
number of botnet IPs notified to network operators: 2230
number of spam blocked: 3402
recipient count of spam blocked: 12252

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1WASU426
2SONET-NET344
3HINET-NET289
4CNCITYNET168
5UNICOM-ZJ100
6RingLink63
7WASU-BB49
8VNPT-VNNIC-VN34
9CHINANET-JS33
10UNICOM-JS31

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China1036
2Taiwan635
3India100
4Viet Nam62
5Mexico46
6Brazil38
7Turkey30
8South Korea25
9United States24
10Iran22

Monday, June 27, 2016

Suspected Bot List [2016-06-26]

detection period: 2016-06-26 00:00-23:59 UTC
number of suspected bots' IPs listed here: 57

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
GB163.172.143.102United Kingdom

List from greylisting: