Custom Search

Saturday, July 31, 2010

Botnet Statistics [2010-07-30]

detection period: 2010-07-30 00:00-23:59 UTC
total number of suspected botnet IPs: 849
number of botnet IPs notified to network operators: 841
number of blocked spams: 93588
recipient count of blocked spams: 965054

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET428
2CHINANET-GD269
3TFN-NET105
4CHINANET-ZJ-WZ15
5KORNET-KR2
6CHINANET-HB2
7XDSLSTREAMYX1
8VE-TCCA-LACNIC1
9UA-PODOL1
10TeLi1

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1Taiwan533
2China291
3Brazil3
4Russian Federation2
5Malaysia2
6South Korea2
7Italy2
8Germany2
9Venezuela1
10Ukraine1

Friday, July 30, 2010

Botnet Statistics [2010-07-29]

detection period: 2010-07-29 00:00-23:59 UTC
total number of suspected botnet IPs: 1251
number of botnet IPs notified to network operators: 1246
number of blocked spams: 114003
recipient count of blocked spams: 1576775

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET924
2CHINANET-GD202
3TFN-NET93
4CHINANET-ZJ-WZ16
5UK-POUNDHOST-200906291
6SCHLUND-CUSTOMERS1
7RELSOFT-2091
8PIRADIUS-NET1
9IR-DIBATELECOM-200807151
10EE-ESTPAK1

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1Taiwan1017
2China222
3Russian Federation1
4Malaysia1
5Republic Of Moldova1
6Iran1
7United Kingdom1
8Estonia1
9Dominican Republic1
10Germany1

Thursday, July 29, 2010

Botnet Statistics [2010-07-28]

detection period: 2010-07-28 00:00-23:59 UTC
total number of suspected botnet IPs: 989
number of botnet IPs notified to network operators: 984
number of blocked spams: 69376
recipient count of blocked spams: 767218

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET597
2CHINANET-GD260
3TFN-NET102
4CHINANET-ZJ-WZ14
5UK-POUNDHOST-200906291
6SCHLUND-CUSTOMERS1
7RELSOFT-2091
8PIRADIUS-NET1
9IR-DIBATELECOM-200807151
10EE-ESTPAK1

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1Taiwan699
2China278
3Russian Federation1
4Malaysia1
5Republic Of Moldova1
6Iran1
7United Kingdom1
8Estonia1
9Dominican Republic1
10Germany1

Wednesday, July 28, 2010

Botnet Statistics [2010-07-27]

detection period: 2010-07-27 00:00-23:59 UTC
total number of suspected botnet IPs: 1160
number of botnet IPs notified to network operators: 1027
number of blocked spams: 103831
recipient count of blocked spams: 1122896

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1CHINANET-GD341
2TFN-NET189
3RITELE164
4CHINANET-ZJ-WZ27
5AR-TEAR7-LACNIC18
6000.065.376/0002-6515
7TRUEBB-NET10
8CAT-BB-NET10
9UESTC-CN9
10RCOM9

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China630
2Taiwan201
3Brazil66
4Argentina44
5Thailand35
6Russian Federation27
7India25
8Colombia17
9Indonesia12
10United States10

Tuesday, July 27, 2010

Botnet Statistics [2010-07-26]

detection period: 2010-07-26 00:00-23:59 UTC
total number of suspected botnet IPs: 2443
number of botnet IPs notified to network operators: 2222
number of blocked spams: 92824
recipient count of blocked spams: 1213678

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET668
2CHINANET-GD527
3RITELE255
4TFN-NET193
5BSNLNET59
6AR-TEAR7-LACNIC50
7000.065.376/0002-6527
8RCOM24
9002.558.134/0001-5821
10CHINANET-ZJ-WZ17

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China924
2Taiwan865
3Brazil142
4India111
5Argentina96
6Russian Federation54
7Thailand51
8Colombia21
9United States17
10Ukraine17

Monday, July 26, 2010

Botnet Statistics [2010-07-25]

detection period: 2010-07-25 00:00-23:59 UTC
total number of suspected botnet IPs: 2936
number of botnet IPs notified to network operators: 2737
number of blocked spams: 111224
recipient count of blocked spams: 2010951

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET1303
2CHINANET-GD375
3RITELE258
4TFN-NET130
5BSNLNET101
6AR-TEAR7-LACNIC45
7RCOM28
8000.065.376/0002-6523
9002.558.134/0001-5818
10CHINANET-ZJ-WZ17

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1Taiwan1439
2China824
3India161
4Brazil115
5Argentina80
6Thailand47
7Russian Federation38
8United States28
9Indonesia19
10Colombia19

Sunday, July 25, 2010

Botnet Statistics [2010-07-24]

detection period: 2010-07-24 00:00-23:59 UTC
total number of suspected botnet IPs: 3813
number of botnet IPs notified to network operators: 3451
number of blocked spams: 115901
recipient count of blocked spams: 2665804

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1BSNLNET756
2HINET-NET597
3TFN-NET379
4CHINANET-GD353
5RITELE278
6AR-TEAR7-LACNIC112
7RCOM89
8TATACOMM-IN78
9HATHWAY-NET58
10ALLIANCEBROADBAND38

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1India1071
2Taiwan985
3China878
4Brazil218
5Argentina176
6Thailand74
7Russian Federation73
8Indonesia30
9South Korea25
10Uruguay24

Saturday, July 24, 2010

Botnet Statistics [2010-07-23]

detection period: 2010-07-23 00:00-23:59 UTC
total number of suspected botnet IPs: 4801
number of botnet IPs notified to network operators: 4359
number of blocked spams: 123405
recipient count of blocked spams: 3356624

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET1324
2BSNLNET813
3CHINANET-GD653
4RITELE210
5TFN-NET149
6RCOM108
7AR-TEAR7-LACNIC89
8TATACOMM-IN71
9HATHWAY-NET63
10002.558.134/0001-5854

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1Taiwan1482
2India1151
3China1139
4Brazil280
5Argentina163
6Russian Federation105
7Thailand84
8Indonesia31
9United States29
10Ethiopia29

Friday, July 23, 2010

Botnet Statistics [2010-07-22]

detection period: 2010-07-22 00:00-23:59 UTC
total number of suspected botnet IPs: 3943
number of botnet IPs notified to network operators: 3497
number of blocked spams: 108604
recipient count of blocked spams: 2803827

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1BSNLNET839
2HINET-NET432
3CHINANET-GD415
4TFN-NET368
5RITELE264
6AR-TEAR7-LACNIC103
7RCOM95
8TATACOMM-IN91
9HATHWAY-NET56
10002.558.134/0001-5848

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1India1184
2China959
3Taiwan810
4Brazil273
5Argentina170
6Russian Federation94
7Thailand79
8Indonesia33
9Ukraine31
10Ethiopia27

Thursday, July 22, 2010

Botnet Statistics [2010-07-21]

detection period: 2010-07-21 00:00-23:59 UTC
total number of suspected botnet IPs: 3642
number of botnet IPs notified to network operators: 3186
number of blocked spams: 89683
recipient count of blocked spams: 2348217

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1BSNLNET971
2CHINANET-GD656
3TFN-NET154
4RCOM116
5RITELE104
6AR-TEAR7-LACNIC104
7TATACOMM-IN93
8HATHWAY-NET73
9002.558.134/0001-5852
10000.065.376/0002-6547

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1India1368
2China1037
3Brazil295
4Taiwan179
5Argentina165
6Russian Federation119
7Thailand78
8South Korea27
9Mexico26
10Ethiopia26

Wednesday, July 21, 2010

Botnet Statistics [2010-07-20]

detection period: 2010-07-20 00:00-23:59 UTC
total number of suspected botnet IPs: 3370
number of botnet IPs notified to network operators: 2931
number of blocked spams: 108473
recipient count of blocked spams: 2603178

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1BSNLNET883
2CHINANET-GD473
3RITELE183
4AR-TEAR7-LACNIC122
5RCOM85
6TATACOMM-IN80
7HATHWAY-NET66
8002.558.134/0001-5859
9000.065.376/0002-6545
10002.558.157/0001-6240

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1India1228
2China996
3Brazil313
4Argentina190
5Russian Federation117
6Thailand73
7Taiwan49
8Ukraine36
9Mexico32
10Ethiopia31

Tuesday, July 20, 2010

Botnet Statistics [2010-07-19]

detection period: 2010-07-19 00:00-23:59 UTC
total number of suspected botnet IPs: 3508
number of botnet IPs notified to network operators: 3040
number of blocked spams: 141462
recipient count of blocked spams: 3144806

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1BSNLNET924
2CHINANET-GD450
3RITELE247
4AR-TEAR7-LACNIC129
5RCOM93
6TATACOMM-IN88
7HATHWAY-NET74
8000.065.376/0002-6545
9002.558.134/0001-5844
10HINET-NET43

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1India1295
2China1034
3Brazil287
4Argentina210
5Russian Federation110
6Thailand72
7Taiwan59
8Ukraine35
9Indonesia32
10Colombia30

Monday, July 19, 2010

Botnet Statistics [2010-07-18]

detection period: 2010-07-18 00:00-23:59 UTC
total number of suspected botnet IPs: 2418
number of botnet IPs notified to network operators: 2037
number of blocked spams: 166249
recipient count of blocked spams: 3040477

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1CHINANET-GD545
2BSNLNET308
3RITELE126
4AR-TEAR7-LACNIC90
5002.558.134/0001-5843
6CAT-BB-NET40
7RCOM37
8000.065.376/0002-6536
9TATACOMM-IN29
10UY-ANTA-LACNIC26

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China971
2India449
3Brazil196
4Argentina147
5Russian Federation90
6Thailand83
7Taiwan43
8United States42
9Ukraine36
10Uruguay26

Sunday, July 18, 2010

Botnet Statistics [2010-07-17]

detection period: 2010-07-17 00:00-23:59 UTC
total number of suspected botnet IPs: 2679
number of botnet IPs notified to network operators: 2337
number of blocked spams: 102966
recipient count of blocked spams: 1452375

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1BSNLNET532
2CHINANET-GD514
3RITELE302
4AR-TEAR7-LACNIC86
5TATACOMM-IN54
6RCOM53
7HATHWAY-NET41
8002.558.134/0001-5837
9CAT-BB-NET36
10000.065.376/0002-6535

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China1067
2India754
3Brazil209
4Argentina135
5Thailand83
6Russian Federation74
7United States44
8Taiwan35
9Indonesia27
10Colombia23

Saturday, July 17, 2010

Botnet Statistics [2010-07-16]

Taiwan, once the regular champion in my botnet chart, finally dropped out of the top 10 yesterday. China, possibly having the largest internet population in the world, also shows signs of improvement. While China has not left my botnet chart yet, it has managed to stay out of ICSA Labs' Top 10 countries sending spam, Sophos' Dirty dozen spam-relaying countries, and M86 Security Labs' Top 12 Spam Sources by Country for the past few months. China also falls from the all time champion, to around 20th of the last 30 and 7 days, on the spam server country chart of Project Honey Pot.

detection period: 2010-07-16 00:00-23:59 UTC
total number of suspected botnet IPs: 2937
number of botnet IPs notified to network operators: 2480
number of blocked spams: 100248
recipient count of blocked spams: 2456001

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1BSNLNET688
2CHINANET-GD405
3RITELE204
4AR-TEAR7-LACNIC94
5TATACOMM-IN82
6RCOM76
7HATHWAY-NET47
8002.558.134/0001-5843
9000.065.376/0002-6542
10CAT-BB-NET40

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1India990
2China903
3Brazil245
4Argentina153
5Russian Federation114
6Thailand91
7United States36
8Ukraine32
9Indonesia31
10Colombia30

Friday, July 16, 2010

Botnet Statistics [2010-07-15]

detection period: 2010-07-15 00:00-23:59 UTC
total number of suspected botnet IPs: 2935
number of botnet IPs notified to network operators: 2544
number of blocked spams: 84834
recipient count of blocked spams: 2112643

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1BSNLNET465
2HINET-NET370
3CHINANET-GD354
4RITELE265
5AR-TEAR7-LACNIC94
6TATACOMM-IN50
7000.065.376/0002-6539
8HATHWAY-NET38
9CAT-BB-NET38
10RCOM37

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China899
2India664
3Taiwan383
4Brazil233
5Argentina155
6Russian Federation116
7Thailand81
8United States51
9Ukraine37
10Colombia27

Thursday, July 15, 2010

Botnet Statistics [2010-07-14]

detection period: 2010-07-14 00:00-23:59 UTC
total number of suspected botnet IPs: 3915
number of botnet IPs notified to network operators: 3464
number of blocked spams: 159905
recipient count of blocked spams: 2898480

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1BSNLNET773
2HINET-NET645
3CHINANET-GD458
4RITELE223
5AR-TEAR7-LACNIC122
6TATACOMM-IN102
7RCOM84
8HATHWAY-NET55
9002.558.134/0001-5845
10000.065.376/0002-6544

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1India1127
2China1006
3Taiwan664
4Brazil284
5Argentina187
6Russian Federation108
7Thailand80
8United States62
9Ukraine34
10Indonesia34

Wednesday, July 14, 2010

Botnet Statistics [2010-07-13]

detection period: 2010-07-13 00:00-23:59 UTC
total number of suspected botnet IPs: 1495
number of botnet IPs notified to network operators: 1279
number of blocked spams: 115478
recipient count of blocked spams: 1871165

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1CHINANET-GD424
2RITELE288
3AR-TEAR7-LACNIC57
4002.558.157/0001-6229
5002.558.134/0001-5827
6000.065.376/0002-6522
7076.535.764/0326-9021
8AR-PRSA-LACNIC15
9BSNLNET14
10002.449.992/0001-6414

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China830
2Brazil177
3Argentina98
4Russian Federation44
5India44
6Thailand39
7United States32
8Colombia29
9Indonesia20
10Taiwan17

Tuesday, July 13, 2010

Botnet Statistics [2010-07-12]

detection period: 2010-07-12 00:00-23:59 UTC
total number of suspected botnet IPs: 2206
number of botnet IPs notified to network operators: 1919
number of blocked spams: 84820
recipient count of blocked spams: 1395368

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1BSNLNET452
2CHINANET-GD281
3RITELE280
4AR-TEAR7-LACNIC70
5RCOM60
6TATACOMM-IN57
7002.558.134/0001-5836
8UNICOM-SD33
9000.065.376/0002-6533
10HATHWAY-NET32

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China808
2India666
3Brazil200
4Argentina112
5Russian Federation81
6Thailand61
7Ukraine26
8Colombia26
9Taiwan24
10Indonesia24

Monday, July 12, 2010

Botnet Statistics [2010-07-11]

detection period: 2010-07-11 00:00-23:59 UTC
total number of suspected botnet IPs: 3020
number of botnet IPs notified to network operators: 2756
number of blocked spams: 199522
recipient count of blocked spams: 3817163

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET855
2CHINANET-GD723
3BSNLNET199
4RITELE179
5AR-TEAR7-LACNIC92
6UNICOM-SD38
7000.065.376/0002-6535
8002.558.134/0001-5834
9RCOM30
10CAT-BB-NET27

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China1155
2Taiwan861
3India279
4Brazil168
5Argentina154
6Russian Federation80
7Thailand74
8Ukraine27
9Indonesia24
10Colombia22

Sunday, July 11, 2010

Botnet Statistics [2010-07-10]

detection period: 2010-07-10 00:00-23:59 UTC
total number of suspected botnet IPs: 3411
number of botnet IPs notified to network operators: 3044
number of blocked spams: 225713
recipient count of blocked spams: 5230667

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1BSNLNET876
2CHINANET-GD586
3RITELE219
4AR-TEAR7-LACNIC125
5RCOM97
6TATACOMM-IN95
7HATHWAY-NET70
8HINET-NET61
9002.558.134/0001-5860
10000.065.376/0002-6549

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1India1248
2China1109
3Brazil280
4Argentina198
5Russian Federation102
6Taiwan72
7Thailand67
8Ukraine29
9Indonesia28
10Colombia28

Saturday, July 10, 2010

Botnet Statistics [2010-07-09]

detection period: 2010-07-09 00:00-23:59 UTC
total number of suspected botnet IPs: 5105
number of botnet IPs notified to network operators: 4650
number of blocked spams: 235868
recipient count of blocked spams: 5732387

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1BSNLNET1264
2HINET-NET845
3CHINANET-GD804
4RITELE199
5TATACOMM-IN129
6RCOM129
7AR-TEAR7-LACNIC105
8HATHWAY-NET91
9002.558.134/0001-5874
10ALLIANCEBROADBAND60

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1India1749
2China1347
3Taiwan857
4Brazil354
5Argentina182
6Russian Federation124
7Thailand90
8Ethiopia51
9Indonesia35
10Ukraine34

Friday, July 9, 2010

Botnet Statistics [2010-07-08]

detection period: 2010-07-08 00:00-23:59 UTC
total number of suspected botnet IPs: 4863
number of botnet IPs notified to network operators: 4379
number of blocked spams: 152286
recipient count of blocked spams: 4078687

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1BSNLNET1097
2HINET-NET1091
3CHINANET-GD539
4RITELE171
5AR-TEAR7-LACNIC131
6TATACOMM-IN129
7RCOM123
8HATHWAY-NET79
9002.558.134/0001-5862
10ALLIANCEBROADBAND57

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1India1559
2Taiwan1100
3China1040
4Brazil327
5Argentina199
6Russian Federation142
7Thailand103
8Ukraine43
9Ethiopia42
10Indonesia34

Thursday, July 8, 2010

Botnet Statistics [2010-07-07]

detection period: 2010-07-07 00:00-23:59 UTC
total number of suspected botnet IPs: 4241
number of botnet IPs notified to network operators: 3705
number of blocked spams: 211921
recipient count of blocked spams: 5156727

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1BSNLNET1224
2CHINANET-GD786
3RITELE141
4RCOM129
5AR-TEAR7-LACNIC129
6TATACOMM-IN123
7ALLIANCEBROADBAND81
8HATHWAY-NET79
9002.558.134/0001-5873
10002.449.992/0001-6455

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1India1711
2China1245
3Brazil369
4Argentina194
5Russian Federation142
6Thailand83
7Ethiopia52
8Taiwan41
9Ukraine36
10Colombia36

Wednesday, July 7, 2010

Botnet Statistics [2010-07-06]

detection period: 2010-07-06 00:00-23:59 UTC
total number of suspected botnet IPs: 4482
number of botnet IPs notified to network operators: 3987
number of blocked spams: 162529
recipient count of blocked spams: 4313365

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1BSNLNET1127
2HINET-NET713
3CHINANET-GD491
4RCOM137
5AR-TEAR7-LACNIC130
6RITELE129
7TATACOMM-IN91
8HATHWAY-NET75
9002.558.134/0001-5874
10ALLIANCEBROADBAND69

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1India1589
2China944
3Taiwan723
4Brazil368
5Argentina212
6Russian Federation151
7Thailand61
8Ethiopia37
9South Korea36
10Colombia36

Tuesday, July 6, 2010

Botnet Statistics [2010-07-05]

detection period: 2010-07-05 00:00-23:59 UTC
total number of suspected botnet IPs: 4064
number of botnet IPs notified to network operators: 3517
number of blocked spams: 129129
recipient count of blocked spams: 3771392

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1BSNLNET1148
2CHINANET-GD578
3RITELE185
4AR-TEAR7-LACNIC155
5RCOM99
6002.558.134/0001-5885
7TATACOMM-IN81
8ETHIONET65
9002.449.992/0001-6461
10000.065.376/0002-6560

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1India1462
2China1133
3Brazil410
4Argentina252
5Russian Federation183
6Thailand90
7Ethiopia65
8Taiwan51
9Ukraine44
10South Korea36

Monday, July 5, 2010

Botnet Statistics [2010-07-04]

detection period: 2010-07-04 00:00-23:59 UTC
total number of suspected botnet IPs: 2118
number of botnet IPs notified to network operators: 1848
number of blocked spams: 103940
recipient count of blocked spams: 2869921

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1CHINANET-GD480
2RITELE246
3BSNLNET244
4AR-TEAR7-LACNIC107
5RCOM41
6002.558.134/0001-5841
7000.065.376/0002-6536
8TRUENET26
9UNICOM-SD25
10TATACOMM-IN24

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China981
2India370
3Brazil176
4Argentina160
5Russian Federation81
6Thailand67
7Taiwan30
8Ukraine24
9Indonesia19
10Mexico18

Sunday, July 4, 2010

Botnet Statistics [2010-07-03]

detection period: 2010-07-03 00:00-23:59 UTC
total number of suspected botnet IPs: 2651
number of botnet IPs notified to network operators: 2359
number of blocked spams: 77676
recipient count of blocked spams: 2255889

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1BSNLNET623
2CHINANET-GD526
3HINET-NET108
4AR-TEAR7-LACNIC108
5RITELE88
6RCOM81
7TATACOMM-IN61
8HATHWAY-NET56
9UNICOM-SD39
10002.558.134/0001-5835

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1India903
2China887
3Brazil193
4Argentina164
5Taiwan118
6Thailand72
7Russian Federation69
8Indonesia23
9Colombia22
10Ukraine21

Saturday, July 3, 2010

Botnet Statistics for June 2010

We saw a substantial increase in number of detected bots in June (from 54K in May to 74K in June). Part of the reason might be that I added another detection system around the end of May. There are currently 3 systems running, though one of them is going to be taken offline before the coming August.

But I guess that another event, the public disclosure of a zero-day vulnerability in Microsoft XP by a Google researcher, also contributed to the increased bot counts. He posted his finding - the details of the vulnerability and proof-of-concept code - to a mailing list on June 10, 5 days after he had informed Microsoft of the vulnerability. Take a look at bot counts graphs in 5-day entroby at Shadowserver Foundation. You can see that around one third into June (about June 10), bot counts changed from a rapid declining trend to an increasing one. Though I detected more bots in June, they did not fall back to the previous level, as Microsoft haven't released an official patch for that vulnerability yet.

detection period: 2010-06-01 00:00 - 2010-06-30 23:59 UTC
total number of suspected botnet IPs: 74883
number of blocked spams: 4221977
recipient count of blocked spams: 100120734

The top 25 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1India25243
2Taiwan16854
3China15323
4Brazil5029
5Argentina3187
6Russian Federation2059
7Thailand1032
8Ukraine617
9Mexico523
10Ethiopia522
11United States433
12Uruguay349
13Chile253
14Germany241
15Indonesia222
16South Korea188
17Japan184
18Colombia175
19Belarus152
20Algeria136
21Iran129
22Kazakhstan128
23France128
24Hong Kong122
25Egypt106

The top 25 countries (as defined by the 2-character country code), ordered by number of blocked spams are:

RankCountry# of blocked spams
1China1155932
2Taiwan792198
3Brazil459900
4India341508
5Malaysia235830
6Russian Federation154396
7United States133067
8Thailand112624
9Indonesia99006
10Argentina95129
11Colombia78206
12Ukraine39531
13Chile36692
14South Korea31964
15Czech Republic30782
16Poland28600
17France27340
18Viet Nam21405
19Pakistan19818
20Saudi Arabia18992
21United Kingdom16810
22Germany16643
23Philippines16404
24Czechoslovakia16397
25Italy16167

The top 25 countries (as defined by the 2-character country code), ordered by recipient count of blocked spams are:

Botnet Statistics [2010-07-02]

detection period: 2010-07-02 00:00-23:59 UTC
total number of suspected botnet IPs: 5132
number of botnet IPs notified to network operators: 4727
number of blocked spams: 130775
recipient count of blocked spams: 3800596

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET1344
2CHINANET-GD968
3BSNLNET914
4RITELE243
5AR-TEAR7-LACNIC117
6RCOM105
7TATACOMM-IN99
8002.558.134/0001-5856
9HATHWAY-NET53
10000.065.376/0002-6546

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China1527
2Taiwan1356
3India1284
4Brazil270
5Argentina187
6Russian Federation113
7Thailand85
8Ukraine38
9Ethiopia29
10Indonesia28

Friday, July 2, 2010

Botnet Statistics [2010-07-01]

detection period: 2010-07-01 00:00-23:59 UTC
total number of suspected botnet IPs: 4495
number of botnet IPs notified to network operators: 4162
number of blocked spams: 77617
recipient count of blocked spams: 2142647

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET1321
2BSNLNET755
3CHINANET-GD640
4RITELE266
5AR-TEAR7-LACNIC103
6RCOM98
7TATACOMM-IN66
8HATHWAY-NET53
9002.558.134/0001-5852
10ALLIANCEBROADBAND36

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1Taiwan1327
2China1161
3India1069
4Brazil293
5Argentina156
6Russian Federation96
7Thailand80
8Ukraine35
9Indonesia34
10Colombia28

Thursday, July 1, 2010

Botnet Statistics [2010-06-30]

detection period: 2010-06-30 00:00-23:59 UTC
total number of suspected botnet IPs: 4494
number of botnet IPs notified to network operators: 4112
number of blocked spams: 62435
recipient count of blocked spams: 1377494

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET1296
2CHINANET-GD713
3BSNLNET712
4RITELE261
5RCOM99
6AR-TEAR7-LACNIC79
7TATACOMM-IN65
8HATHWAY-NET51
9ALLIANCEBROADBAND48
10000.065.376/0002-6542

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1Taiwan1306
2China1262
3India1047
4Brazil249
5Argentina145
6Russian Federation110
7Thailand66
8Indonesia33
9South Korea26
10Colombia24