Custom Search

Saturday, July 4, 2015

Suspected Bot List [2015-07-03]

detection period: 2015-07-03 00:00-23:59 UTC
number of suspected bots' IPs listed here: 8

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:

Botnet Statistics [2015-07-03]

detection period: 2015-07-03 00:00-23:59 UTC
total number of suspected botnet IPs: 1400
number of botnet IPs notified to network operators: 1392
number of spam blocked: 96248
recipient count of spam blocked: 2545332

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET944
2CHINANET-JS282
3CHINANET-GD22
4UNICOM-BJ13
5WASU-BB6
6CMNET6
7HICHINA4
8GIANT4
9CHINANET-SH4
10UNICOM-HE3

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1Taiwan949
2China382
3United States16
4Brazil8
5Hong Kong6
6Russian Federation5
7South Korea4
8Argentina3
9Viet Nam2
10Ukraine2

Friday, July 3, 2015

Suspected Bot List [2015-07-02]

detection period: 2015-07-02 00:00-23:59 UTC
number of suspected bots' IPs listed here: 9

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting: