Custom Search

Wednesday, March 31, 2010

Botnet Statistics [2010-03-30]

detection period: 2010-03-30 00:00-23:59 UTC
total number of suspected botnet IPs: 3347
number of botnet IPs notified to network operators: 3088
number of blocked spams: 164651
recipient count of blocked spams: 2795081

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET1252
2RITELE370
3BSNLNET304
4CHINANET-GD127
5002.558.157/0001-6289
6AR-TEAR7-LACNIC52
7SHARKTECH44
8RCOM41
9TATACOMM-IN35
10002.449.992/0001-6428

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1Taiwan1259
2China783
3India449
4Brazil292
5United States121
6Argentina103
7Russian Federation50
8Indonesia26
9Colombia23
10Thailand22

Tuesday, March 30, 2010

Botnet Statistics [2010-03-29]

detection period: 2010-03-29 00:00-23:59 UTC
total number of suspected botnet IPs: 3460
number of botnet IPs notified to network operators: 3173
number of blocked spams: 173156
recipient count of blocked spams: 2990104

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET1244
2RITELE373
3BSNLNET295
4CHINANET-GD249
5002.558.157/0001-6276
6AR-TEAR7-LACNIC58
7RCOM51
8HATHWAY-NET38
9002.449.992/0001-6437
10TATACOMM-IN35

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1Taiwan1249
2China936
3India463
4Brazil287
5Argentina106
6United States65
7Russian Federation60
8Indonesia26
9South Korea22
10Colombia21

Monday, March 29, 2010

Botnet Statistics [2010-03-28]

detection period: 2010-03-28 00:00-23:59 UTC
total number of suspected botnet IPs: 2599
number of botnet IPs notified to network operators: 2431
number of blocked spams: 101440
recipient count of blocked spams: 1367909

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET1201
2RITELE463
3CHINANET-GD270
4AR-TEAR7-LACNIC28
5002.558.157/0001-6226
6SHARKTECH21
7BSNLNET21
8076.535.764/0326-9020
9CHINANET-ZJ-WZ17
10000.065.376/0002-6514

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1Taiwan1206
2China893
3Brazil118
4United States75
5Argentina55
6India40
7Russian Federation30
8Indonesia19
9Colombia17
10South Korea13

Sunday, March 28, 2010

Botnet Statistics [2010-03-27]

detection period: 2010-03-27 00:00-23:59 UTC
total number of suspected botnet IPs: 2996
number of botnet IPs notified to network operators: 2784
number of blocked spams: 128926
recipient count of blocked spams: 1889113

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET949
2RITELE392
3CHINANET-GD340
4BSNLNET211
5SHARKTECH66
6002.558.157/0001-6248
7AR-TEAR7-LACNIC43
8RCOM40
9TATACOMM-IN31
10UNICOM-SD26

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China986
2Taiwan958
3India336
4Brazil177
5United States146
6Argentina92
7Russian Federation37
8Indonesia24
9Thailand21
10Colombia19

Saturday, March 27, 2010

Botnet Statistics [2010-03-26]

One of my 2 detection systems, which usually detects more bots than the other, has some problem today. I have not been able to connect to it so far. So the following data were calculated only from the log of the other one.

detection period: 2010-03-26 00:00-23:59 UTC
total number of suspected botnet IPs: 1653
number of botnet IPs notified to network operators: 1420
number of blocked spams: 87331
recipient count of blocked spams: 1315757

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1RITELE331
2BSNLNET256
3002.558.157/0001-6260
4AR-TEAR7-LACNIC53
5RCOM37
6TATACOMM-IN33
7HATHWAY-NET27
8UNICOM-SD26
9000.065.376/0002-6520
10076.535.764/0326-9019

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China625
2India395
3Brazil213
4Argentina89
5Russian Federation50
6Thailand23
7Colombia22
8United States21
9Indonesia21
10South Korea17

Friday, March 26, 2010

Botnet Statistics [2010-03-25]

detection period: 2010-03-25 00:00-23:59 UTC
total number of suspected botnet IPs: 2654
number of botnet IPs notified to network operators: 2335
number of blocked spams: 229333
recipient count of blocked spams: 3359037

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1CHINANET-GD355
2HINET-NET337
3RITELE266
4BSNLNET181
5002.558.157/0001-6266
6AR-TEAR7-LACNIC62
7RCOM39
8002.558.134/0001-5833
9TATACOMM-IN31
10UNICOM-SD30

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China941
2Taiwan353
3India316
4Brazil264
5United States221
6Argentina112
7Russian Federation66
8South Korea27
9Indonesia24
10United Kingdom23

Thursday, March 25, 2010

Botnet Statistics [2010-03-24]

detection period: 2010-03-24 00:00-23:59 UTC
total number of suspected botnet IPs: 3972
number of botnet IPs notified to network operators: 3605
number of blocked spams: 207935
recipient count of blocked spams: 3133320

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET1344
2CHINANET-GD461
3RITELE305
4BSNLNET259
5002.558.157/0001-6282
6AR-TEAR7-LACNIC60
7RCOM48
8UNICOM-SD35
9002.558.134/0001-5830
10000.065.376/0002-6526

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1Taiwan1364
2China1107
3India407
4Brazil269
5United States228
6Argentina103
7Russian Federation74
8United Kingdom40
9Spain30
10South Korea26

Wednesday, March 24, 2010

Botnet Statistics [2010-03-23]

detection period: 2010-03-23 00:00-23:59 UTC
total number of suspected botnet IPs: 3060
number of botnet IPs notified to network operators: 2691
number of blocked spams: 151526
recipient count of blocked spams: 2384941

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1CHINANET-GD545
2HINET-NET420
3RITELE337
4BSNLNET297
5002.558.157/0001-6282
6AR-TEAR7-LACNIC66
7RCOM56
8TATACOMM-IN40
9UNICOM-SD36
10000.065.376/0002-6536

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China1211
2India462
3Taiwan439
4Brazil280
5United States115
6Argentina111
7Russian Federation75
8Thailand34
9Ukraine25
10Indonesia22

Tuesday, March 23, 2010

Botnet Statistics [2010-03-22]

detection period: 2010-03-22 00:00-23:59 UTC
total number of suspected botnet IPs: 3824
number of botnet IPs notified to network operators: 3442
number of blocked spams: 160235
recipient count of blocked spams: 2625363

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET1152
2CHINANET-GD545
3BSNLNET309
4RITELE213
5002.558.157/0001-6297
6AR-TEAR7-LACNIC65
7RCOM50
8000.065.376/0002-6542
9TATACOMM-IN40
10UNICOM-SD38

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1Taiwan1166
2China1094
3India488
4Brazil319
5United States173
6Argentina114
7Russian Federation86
8Thailand25
9Indonesia23
10Colombia22

Monday, March 22, 2010

Who in His Right Mind would Communicate with a Mail Server via HTTP?

When I was reading my mail server's log a few days ago, I found someone had tried to communicate with my SMTP server via HTTP. Kind of amusing, huh? Who in his right mind would do that?

The data sent to my server was something like the following:
CONNECT /var/www/index.html HTTP/1.1
Host: xxx.xx.x.xxx:25
X-Forwarded-For: yy.yyy.y.yy
X-Forwarded-Server: zzzz.com
Connection: Keep-Alive


I am not familiar with HTTP protocol, but after googling for "X-Forwarded-For" and "X-Forwarded-Server", I guessed this was a case of open proxy abuse. The 2 "X-Forwarded" headers were added by the proxy server during connection forwarding. I have already notified a service provider where 2 suspected open proxies resided. I would know whether my guess is correct if they ever reply to me.

Botnet Statistics [2010-03-21]

detection period: 2010-03-21 00:00-23:59 UTC
total number of suspected botnet IPs: 3191
number of botnet IPs notified to network operators: 2861
number of blocked spams: 152465
recipient count of blocked spams: 2903304

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET1380
2RITELE237
3CHINANET-GD131
4BSNLNET127
5002.558.157/0001-6260
6AR-TEAR7-LACNIC58
7000.065.376/0002-6539
8UNICOM-SX32
9UNICOM-SD31
10002.558.134/0001-5831

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1Taiwan1393
2China700
3Brazil237
4India209
5United States140
6Argentina112
7Russian Federation60
8South Korea25
9Thailand22
10Poland19

Sunday, March 21, 2010

Botnet Statistics [2010-03-20]

detection period: 2010-03-20 00:00-23:59 UTC
total number of suspected botnet IPs: 3001
number of botnet IPs notified to network operators: 2707
number of blocked spams: 67773
recipient count of blocked spams: 1593672

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET754
2CHINANET-GD459
3RITELE236
4BSNLNET205
5002.558.157/0001-6255
6AR-TEAR7-LACNIC49
7RCOM38
8000.065.376/0002-6535
9UNICOM-SD28
10RRMA23

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China989
2Taiwan769
3India337
4United States235
5Brazil215
6Argentina99
7Russian Federation45
8Spain26
9Colombia22
10Indonesia19

Saturday, March 20, 2010

Botnet Statistics [2010-03-19]

detection period: 2010-03-19 00:00-23:59 UTC
total number of suspected botnet IPs: 3752
number of botnet IPs notified to network operators: 3456
number of blocked spams: 66483
recipient count of blocked spams: 1578867

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET1357
2CHINANET-GD558
3RITELE234
4BSNLNET233
5002.558.157/0001-6262
6AR-TEAR7-LACNIC45
7RCOM39
8000.065.376/0002-6532
9002.558.134/0001-5828
10UNICOM-SD27

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1Taiwan1374
2China1050
3India353
4United States254
5Brazil239
6Argentina97
7Russian Federation46
8Spain40
9United Kingdom24
10France21

Friday, March 19, 2010

Botnet Statistics [2010-03-18]

detection period: 2010-03-18 00:00-23:59 UTC
total number of suspected botnet IPs: 3134
number of botnet IPs notified to network operators: 2801
number of blocked spams: 66676
recipient count of blocked spams: 1719969

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET885
2CHINANET-GD356
3BSNLNET320
4RITELE266
5002.558.157/0001-6263
6AR-TEAR7-LACNIC48
7RCOM47
8000.065.376/0002-6539
9UNICOM-SD34
10TATACOMM-IN34

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1Taiwan901
2China900
3India491
4Brazil255
5United States105
6Argentina101
7Russian Federation52
8Thailand24
9Colombia23
10South Korea20

Thursday, March 18, 2010

Botnet Statistics [2010-03-17]

detection period: 2010-03-17 00:00-23:59 UTC
total number of suspected botnet IPs: 3163
number of botnet IPs notified to network operators: 2811
number of blocked spams: 117251
recipient count of blocked spams: 2359367

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET740
2BSNLNET419
3RITELE320
4CHINANET-GD153
5002.558.157/0001-62104
6AR-TEAR7-LACNIC71
7RCOM62
8000.065.376/0002-6549
9002.558.134/0001-5839
10HATHWAY-NET38

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China842
2Taiwan760
3India622
4Brazil351
5Argentina130
6Russian Federation76
7United States44
8Colombia26
9South Korea25
10Ukraine22

Wednesday, March 17, 2010

Botnet Statistics [2010-03-16]

detection period: 2010-03-16 00:00-23:59 UTC
total number of suspected botnet IPs: 3334
number of botnet IPs notified to network operators: 2979
number of blocked spams: 137914
recipient count of blocked spams: 2593696

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET1191
2RITELE341
3BSNLNET309
4002.558.157/0001-6296
5AR-TEAR7-LACNIC71
6TATACOMM-IN45
7UNICOM-SD40
8RCOM39
9002.558.134/0001-5839
10000.065.376/0002-6539

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1Taiwan1210
2China692
3India488
4Brazil332
5Argentina131
6Russian Federation78
7United States44
8Colombia27
9South Korea25
10Ukraine22

Tuesday, March 16, 2010

Botnet Statistics [2010-03-15]

detection period: 2010-03-15 00:00-23:59 UTC
total number of suspected botnet IPs: 2988
number of botnet IPs notified to network operators: 2666
number of blocked spams: 150899
recipient count of blocked spams: 2246121

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET731
2RITELE336
3BSNLNET244
4002.558.157/0001-6270
5AR-TEAR7-LACNIC60
6UNICOM-SD46
7RCOM38
8JUMPSTART-533
9000.065.376/0002-6532
10TATACOMM-IN28

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1Taiwan751
2China686
3United States379
4India375
5Brazil245
6Argentina111
7Russian Federation67
8South Korea27
9Spain25
10Colombia23

Monday, March 15, 2010

Botnet Statistics [2010-03-14]

detection period: 2010-03-14 00:00-23:59 UTC
total number of suspected botnet IPs: 3453
number of botnet IPs notified to network operators: 3137
number of blocked spams: 174992
recipient count of blocked spams: 2364755

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET1246
2RITELE274
3JUMPSTART-590
4BSNLNET72
5AR-TEAR7-LACNIC54
6002.558.157/0001-6243
7RRSW40
8RRMA38
9UNICOM-SD31
10000.065.376/0002-6531

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1Taiwan1262
2United States672
3China589
4Brazil180
5India120
6Argentina102
7Spain69
8United Kingdom54
9Russian Federation51
10France36

Sunday, March 14, 2010

Botnet Statistics [2010-03-13]

detection period: 2010-03-13 00:00-23:59 UTC
total number of suspected botnet IPs: 3239
number of botnet IPs notified to network operators: 2948
number of blocked spams: 159556
recipient count of blocked spams: 1898449

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET1254
2RITELE312
3BSNLNET137
4JUMPSTART-560
5002.558.157/0001-6251
6RCOM32
7000.065.376/0002-6532
8RRMA31
9RRSW26
10HATHWAY-NET25

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1Taiwan1274
2China541
3United States516
4India235
5Brazil193
6Argentina61
7Russian Federation44
8Spain41
9United Kingdom25
10Colombia24

Saturday, March 13, 2010

Botnet Statistics [2010-03-12]

Recently I have detected more and more bots in the United States, which took number 2 spot in my botnet chart yesterday. There were more than 100 bots in both Comcast and Road Runner.

The total number of bots I detected has shown a decline, which might be the result of recent mitigation efforts against Waledac, Mariposa, and Zeus botnets.

detection period: 2010-03-12 00:00-23:59 UTC
total number of suspected botnet IPs: 2116
number of botnet IPs notified to network operators: 1920
number of blocked spams: 173292
recipient count of blocked spams: 1606303

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET810
2RITELE127
3CHINANET-GD117
4JUMPSTART-564
5002.558.157/0001-6240
6BSNLNET31
7RRMA28
8000.065.376/0002-6522
9RCOM18
10CHINANET-JS18

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1Taiwan814
2United States417
3China394
4Brazil117
5India67
6Spain35
7United Kingdom28
8Russian Federation26
9South Korea25
10Indonesia13

Friday, March 12, 2010

Botnet Statistics [2010-03-11]

detection period: 2010-03-11 00:00-23:59 UTC
total number of suspected botnet IPs: 2662
number of botnet IPs notified to network operators: 2397
number of blocked spams: 168739
recipient count of blocked spams: 1481245

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET866
2CHINANET-GD407
3RITELE295
4BSNLNET79
5002.558.157/0001-6274
6RCOM31
7000.065.376/0002-6530
8HATHWAY-NET20
9040.432.544/0001-4720
10TATACOMM-IN19

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China938
2Taiwan877
3Brazil246
4India173
5United States68
6Russian Federation60
7Argentina27
8Colombia23
9South Korea21
10Thailand20

Thursday, March 11, 2010

Botnet Statistics [2010-03-10]

detection period: 2010-03-10 00:00-23:59 UTC
total number of suspected botnet IPs: 2541
number of botnet IPs notified to network operators: 2171
number of blocked spams: 102476
recipient count of blocked spams: 1625452

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1BSNLNET424
2HINET-NET196
3CHINANET-GD151
4RITELE117
5002.558.157/0001-6271
6RCOM65
7AR-TEAR7-LACNIC64
8UNICOM-SD61
9TATACOMM-IN52
10HATHWAY-NET40

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China731
2India634
3Brazil249
4Taiwan215
5United States121
6Argentina118
7Russian Federation77
8Thailand47
9Mexico30
10South Korea27

Wednesday, March 10, 2010

Botnet Statistics [2010-03-09]

detection period: 2010-03-09 00:00-23:59 UTC
total number of suspected botnet IPs: 3073
number of botnet IPs notified to network operators: 2690
number of blocked spams: 76911
recipient count of blocked spams: 1925597

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET536
2BSNLNET422
3RITELE343
4002.558.157/0001-62147
5AR-TEAR7-LACNIC89
6CHINANET-HB73
7RCOM46
8000.065.376/0002-6544
9002.558.134/0001-5843
10UNICOM-SD42

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China750
2India606
3Taiwan554
4Brazil406
5Argentina166
6United States130
7Russian Federation62
8Thailand59
9Colombia29
10Indonesia22

Tuesday, March 9, 2010

Botnet Statistics [2010-03-08]

detection period: 2010-03-08 00:00-23:59 UTC
total number of suspected botnet IPs: 3494
number of botnet IPs notified to network operators: 3092
number of blocked spams: 96716
recipient count of blocked spams: 2029538

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET745
2BSNLNET472
3RITELE303
4002.558.157/0001-62113
5AR-TEAR7-LACNIC98
6RCOM62
7002.558.134/0001-5855
8TATACOMM-IN38
9HATHWAY-NET37
10JUMPSTART-536

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1Taiwan762
2India671
3China659
4Brazil379
5United States308
6Argentina169
7Russian Federation80
8Thailand53
9Spain34
10Colombia29

Monday, March 8, 2010

Botnet Statistics [2010-03-07]

detection period: 2010-03-07 00:00-23:59 UTC
total number of suspected botnet IPs: 2927
number of botnet IPs notified to network operators: 2566
number of blocked spams: 101596
recipient count of blocked spams: 2504650

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET635
2RITELE409
3BSNLNET279
4AR-TEAR7-LACNIC130
5002.558.157/0001-6271
6002.558.134/0001-5841
7RCOM33
8000.065.376/0002-6532
9UNICOM-SD31
10CHINANET-HB31

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China772
2Taiwan651
3India399
4Brazil272
5Argentina202
6United States148
7Russian Federation86
8Thailand34
9Mexico33
10Colombia27

Sunday, March 7, 2010

Botnet Statistics [2010-03-06]

detection period: 2010-03-06 00:00-23:59 UTC
total number of suspected botnet IPs: 3330
number of botnet IPs notified to network operators: 2979
number of blocked spams: 128860
recipient count of blocked spams: 3760836

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET729
2BSNLNET655
3RITELE195
4AR-TEAR7-LACNIC149
5002.558.157/0001-62110
6RCOM88
7CHINANET-HB70
8HATHWAY-NET64
9TATACOMM-IN61
10002.558.134/0001-5851

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1India937
2Taiwan752
3China552
4Brazil362
5Argentina233
6Russian Federation90
7Thailand43
8Mexico34
9United States30
10Colombia27

Saturday, March 6, 2010

Botnet Statistics [2010-03-05]

detection period: 2010-03-05 00:00-23:59 UTC
total number of suspected botnet IPs: 3466
number of botnet IPs notified to network operators: 3137
number of blocked spams: 82232
recipient count of blocked spams: 2469976

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET796
2BSNLNET631
3RITELE247
4002.558.157/0001-62145
5AR-TEAR7-LACNIC125
6RCOM83
7CHINANET-HB74
8TATACOMM-IN59
9002.558.134/0001-5859
10HATHWAY-NET53

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1India898
2Taiwan813
3China637
4Brazil403
5Argentina194
6Russian Federation91
7Thailand54
8United States34
9Mexico34
10Uruguay30

Friday, March 5, 2010

Botnet Statistics [2010-03-04]

detection period: 2010-03-04 00:00-23:59 UTC
total number of suspected botnet IPs: 3744
number of botnet IPs notified to network operators: 3383
number of blocked spams: 125595
recipient count of blocked spams: 3878962

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET752
2BSNLNET734
3RITELE302
4AR-TEAR7-LACNIC167
5002.558.157/0001-62139
6RCOM82
7TATACOMM-IN78
8002.558.134/0001-5863
9002.449.992/0001-6458
10HATHWAY-NET55

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1India1029
2Taiwan767
3China676
4Brazil449
5Argentina246
6Russian Federation125
7Thailand52
8Colombia35
9Uruguay31
10United States29

Thursday, March 4, 2010

Botnet Statistics [2010-03-03]

detection period: 2010-03-03 00:00-23:59 UTC
total number of suspected botnet IPs: 3315
number of botnet IPs notified to network operators: 2969
number of blocked spams: 115478
recipient count of blocked spams: 3600914

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1BSNLNET723
2HINET-NET331
3RITELE304
4AR-TEAR7-LACNIC175
5002.558.157/0001-62149
6RCOM83
7TATACOMM-IN74
8002.558.134/0001-5872
9HATHWAY-NET71
10002.449.992/0001-6447

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1India1033
2China661
3Brazil465
4Taiwan343
5Argentina252
6Russian Federation107
7Thailand57
8Colombia31
9Uruguay27
10Indonesia25

Wednesday, March 3, 2010

Botnet Statistics [2010-03-02]

detection period: 2010-03-02 00:00-23:59 UTC
total number of suspected botnet IPs: 3138
number of botnet IPs notified to network operators: 2728
number of blocked spams: 123470
recipient count of blocked spams: 3980095

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1BSNLNET718
2RITELE254
3002.558.157/0001-62183
4AR-TEAR7-LACNIC154
5RCOM85
6HATHWAY-NET82
7002.558.134/0001-5871
8TATACOMM-IN65
9CHINANET-HB61
10002.449.992/0001-6453

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1India1051
2China660
3Brazil495
4Argentina247
5Russian Federation137
6Thailand58
7Mexico46
8Taiwan40
9Uruguay38
10Colombia33

Tuesday, March 2, 2010

Botnet Statistics [2010-03-01]

detection period: 2010-03-01 00:00-23:59 UTC
total number of suspected botnet IPs: 3276
number of botnet IPs notified to network operators: 2837
number of blocked spams: 116724
recipient count of blocked spams: 3743561

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1BSNLNET464
2HINET-NET398
3RITELE291
4AR-TEAR7-LACNIC185
5002.558.157/0001-62180
6002.558.134/0001-5898
7002.449.992/0001-6471
8000.065.376/0002-6547
9TATACOMM-IN44
10MX-GICS-LACNIC44

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China687
2India601
3Brazil574
4Taiwan411
5Argentina283
6Russian Federation131
7Thailand71
8Mexico56
9Ethiopia44
10Uruguay39

Monday, March 1, 2010

Botnet Statistics [2010-02-28]

detection period: 2010-02-28 00:00-23:59 UTC
total number of suspected botnet IPs: 3397
number of botnet IPs notified to network operators: 3075
number of blocked spams: 113852
recipient count of blocked spams: 3617307

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET1257
2BSNLNET300
3RITELE189
4AR-TEAR7-LACNIC167
5002.558.157/0001-62124
6002.558.134/0001-5869
7UNICOM-SD41
8TRUENET34
9MX-GICS-LACNIC34
10RCOM32

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1Taiwan1270
2China525
3India415
4Brazil381
5Argentina248
6Russian Federation92
7Thailand65
8Mexico40
9Uruguay31
10Colombia27