Custom Search

Monday, February 28, 2011

Botnet Statistics [2011-02-27]

detection period: 2011-02-27 00:00-23:59 UTC
total number of suspected botnet IPs: 2172
number of botnet IPs notified to network operators: 1635
number of blocked spams: 290142
recipient count of blocked spams: 9465717

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1UNICOM-BJ288
2HINET-NET231
3CHINANET-GD191
4BSNLNET33
5CTTNET32
6CRTC29
7CHINANET-ZJ-WZ29
8CHINANET-JS25
9KORNET-KR24
10000.065.376/0002-6524

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China788
2Taiwan246
3Brazil160
4Russian Federation107
5United States101
6India84
7South Korea47
8Ukraine44
9Thailand40
10Indonesia40

Sunday, February 27, 2011

Botnet Statistics [2011-02-26]

detection period: 2011-02-26 00:00-23:59 UTC
total number of suspected botnet IPs: 2976
number of botnet IPs notified to network operators: 2267
number of blocked spams: 215799
recipient count of blocked spams: 6725560

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1UNICOM-BJ380
2HINET-NET236
3CHINANET-GD236
4VNPT-VNNIC-VN77
5BSNLNET68
6TELKOMNET49
7KORNET-KR47
8RCOM36
9CTTNET35
10CRTC32

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China952
2Taiwan257
3India198
4Brazil167
5Russian Federation139
6Indonesia120
7Viet Nam108
8United States104
9South Korea87
10Ukraine73

Saturday, February 26, 2011

Botnet Statistics [2011-02-25]

detection period: 2011-02-25 00:00-23:59 UTC
total number of suspected botnet IPs: 3795
number of botnet IPs notified to network operators: 2902
number of blocked spams: 294486
recipient count of blocked spams: 9147882

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1UNICOM-BJ329
2CHINANET-GD278
3HINET-NET243
4BSNLNET132
5VNPT-VNNIC-VN117
6TELKOMNET89
7KORNET-KR68
8CHINANET-JS54
9RCOM43
10UNICOM-HN41

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China1084
2India316
3Taiwan262
4Brazil242
5Indonesia210
6Russian Federation199
7Viet Nam162
8South Korea134
9United States108
10Ukraine95

Friday, February 25, 2011

Botnet Statistics [2011-02-24]

detection period: 2011-02-24 00:00-23:59 UTC
total number of suspected botnet IPs: 3354
number of botnet IPs notified to network operators: 2501
number of blocked spams: 164454
recipient count of blocked spams: 4602467

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1UNICOM-BJ360
2CHINANET-GD251
3HINET-NET233
4VNPT-VNNIC-VN92
5KORNET-KR62
6TELKOMNET61
7BSNLNET55
8UNICOM-HN39
9PTCL39
10CRTC36

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China1025
2Taiwan252
3Brazil204
4India159
5Indonesia148
6Russian Federation133
7Viet Nam129
8South Korea116
9United States110
10Ukraine62

Thursday, February 24, 2011

Botnet Statistics [2011-02-23]

detection period: 2011-02-23 00:00-23:59 UTC
total number of suspected botnet IPs: 3477
number of botnet IPs notified to network operators: 2682
number of blocked spams: 210137
recipient count of blocked spams: 6158853

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1UNICOM-BJ333
2CHINANET-GD230
3HINET-NET226
4VNPT-VNNIC-VN141
5TELKOMNET82
6BSNLNET72
7KORNET-KR70
8PTCL35
9RCOM34
10TATACOMM-IN31

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China983
2Taiwan239
3Brazil219
4India218
5Indonesia195
6Viet Nam190
7South Korea164
8Russian Federation122
9United States120
10Ukraine67

Wednesday, February 23, 2011

Botnet Statistics [2011-02-22]

detection period: 2011-02-22 00:00-23:59 UTC
total number of suspected botnet IPs: 3684
number of botnet IPs notified to network operators: 2761
number of blocked spams: 298353
recipient count of blocked spams: 8376552

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1UNICOM-BJ382
2CHINANET-GD227
3HINET-NET222
4VNPT-VNNIC-VN120
5TELKOMNET83
6PTCL80
7BSNLNET77
8KORNET-KR64
9CTTNET49
10CHINANET-JS40

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China1111
2Taiwan236
3India227
4Brazil220
5Indonesia183
6Viet Nam162
7Russian Federation156
8South Korea144
9United States109
10Pakistan96

Tuesday, February 22, 2011

Botnet Statistics [2011-02-21]

detection period: 2011-02-21 00:00-23:59 UTC
total number of suspected botnet IPs: 2943
number of botnet IPs notified to network operators: 2186
number of blocked spams: 290423
recipient count of blocked spams: 8002769

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1UNICOM-BJ437
2HINET-NET226
3CHINANET-GD211
4PTCL46
5VNPT-VNNIC-VN45
6KORNET-KR34
7BSNLNET32
8CHINANET-ZJ-WZ29
9002.558.157/0001-6227
10TELKOMNET24

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China985
2Taiwan240
3Brazil182
4Russian Federation122
5United States109
6India106
7Indonesia72
8Poland64
9South Korea64
10Ukraine61

Monday, February 21, 2011

Botnet Statistics [2011-02-20]

detection period: 2011-02-20 00:00-23:59 UTC
total number of suspected botnet IPs: 2315
number of botnet IPs notified to network operators: 1771
number of blocked spams: 315361
recipient count of blocked spams: 8176908

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1UNICOM-BJ419
2HINET-NET227
3CHINANET-GD201
4VNPT-VNNIC-VN42
5TELKOMNET40
6CHINANET-JS27
7CRTC24
8KORNET-KR23
9UNICOM-HN19
10UNICOM-SD17

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China913
2Taiwan239
3Brazil116
4United States99
5Russian Federation95
6Indonesia85
7India77
8Viet Nam61
9South Korea51
10Ukraine43

Sunday, February 20, 2011

Botnet Statistics [2011-02-19]

detection period: 2011-02-19 00:00-23:59 UTC
total number of suspected botnet IPs: 3288
number of botnet IPs notified to network operators: 2532
number of blocked spams: 293792
recipient count of blocked spams: 7806783

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1UNICOM-BJ423
2HINET-NET237
3CHINANET-GD215
4VNPT-VNNIC-VN127
5TELKOMNET89
6BSNLNET65
7PTCL59
8BY-BELPAK-2009121045
9UNICOM-HN42
10KORNET-KR42

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China1035
2Taiwan252
3India199
4Indonesia187
5Viet Nam173
6Brazil170
7Russian Federation132
8United States88
9South Korea76
10Ukraine72

Saturday, February 19, 2011

Botnet Statistics [2011-02-18]

detection period: 2011-02-18 00:00-23:59 UTC
total number of suspected botnet IPs: 2594
number of botnet IPs notified to network operators: 2015
number of blocked spams: 275976
recipient count of blocked spams: 7440732

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1UNICOM-BJ359
2HINET-NET234
3CHINANET-GD133
4VNPT-VNNIC-VN82
5TELKOMNET54
6UNICOM-HA39
7PTCL33
8BSNLNET33
9CHINANET-JS31
10CRTC29

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China904
2Taiwan242
3Brazil150
4Indonesia130
5Viet Nam120
6India107
7Russian Federation98
8South Korea53
9United States49
10Ukraine48

Friday, February 18, 2011

Botnet Statistics [2011-02-17]

detection period: 2011-02-17 00:00-23:59 UTC
total number of suspected botnet IPs: 2656
number of botnet IPs notified to network operators: 2120
number of blocked spams: 172393
recipient count of blocked spams: 4453201

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1UNICOM-BJ353
2CHINANET-GD242
3HINET-NET234
4BSNLNET76
5UNICOM-HA51
6UNICOM-HN45
7CHINANET-HN44
8CHINANET-JS40
9CHINATELECOM-BJ37
10KORNET-KR33

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China1097
2Taiwan246
3India166
4Brazil161
5Russian Federation108
6South Korea61
7Indonesia53
8Thailand51
9Viet Nam43
10United States41

Thursday, February 17, 2011

Botnet Statistics [2011-02-16]

detection period: 2011-02-16 00:00-23:59 UTC
total number of suspected botnet IPs: 2265
number of botnet IPs notified to network operators: 1831
number of blocked spams: 170394
recipient count of blocked spams: 4347115

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1UNICOM-BJ349
2HINET-NET227
3CHINANET-GD193
4CTTNET84
5UNICOM-HN60
6UNICOM-HA60
7CHINANET-HN51
8CRTC38
9CHINANET-JS31
10BSNLNET30

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China1041
2Taiwan233
3Brazil138
4Russian Federation98
5India89
6Ukraine46
7Indonesia45
8Viet Nam36
9South Korea31
10Colombia31

Wednesday, February 16, 2011

Botnet Statistics [2011-02-15]

detection period: 2011-02-15 00:00-23:59 UTC
total number of suspected botnet IPs: 2524
number of botnet IPs notified to network operators: 2067
number of blocked spams: 188211
recipient count of blocked spams: 4086799

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1CHINANET-GD356
2UNICOM-BJ311
3HINET-NET235
4BSNLNET82
5UNICOM-HA48
6VNPT-VNNIC-VN46
7CRTC36
8UNICOM-HN32
9002.558.134/0001-5832
10CTTNET31

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China1029
2Taiwan247
3Brazil186
4India182
5Russian Federation114
6Viet Nam62
7Thailand52
8Indonesia49
9Ukraine48
10South Korea47

Tuesday, February 15, 2011

Botnet Statistics [2011-02-14]

detection period: 2011-02-14 00:00-23:59 UTC
total number of suspected botnet IPs: 2620
number of botnet IPs notified to network operators: 2167
number of blocked spams: 133787
recipient count of blocked spams: 2871448

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1CHINANET-GD537
2UNICOM-BJ337
3HINET-NET237
4UNICOM-HA80
5BSNLNET52
6CTTNET41
7002.558.134/0001-5833
8CRTC32
9VNPT-VNNIC-VN30
10CHINATELECOM-BJ30

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China1251
2Taiwan250
3Brazil175
4India138
5Russian Federation116
6Ukraine44
7Indonesia41
8Viet Nam40
9Pakistan35
10Thailand33

Monday, February 14, 2011

Botnet Statistics [2011-02-13]

detection period: 2011-02-13 00:00-23:59 UTC
total number of suspected botnet IPs: 2696
number of botnet IPs notified to network operators: 2207
number of blocked spams: 155000
recipient count of blocked spams: 3411503

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1CHINANET-GD509
2UNICOM-BJ353
3HINET-NET225
4UNICOM-HA72
5CTTNET50
6BSNLNET48
7PTCL45
8VNPT-VNNIC-VN38
9CRTC36
10BY-BELPAK-2009121030

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China1204
2Taiwan234
3Brazil148
4India119
5Russian Federation114
6Indonesia66
7Viet Nam61
8Thailand59
9Ukraine56
10Pakistan52

Sunday, February 13, 2011

Botnet Statistics [2011-02-12]

detection period: 2011-02-12 00:00-23:59 UTC
total number of suspected botnet IPs: 2893
number of botnet IPs notified to network operators: 2379
number of blocked spams: 128780
recipient count of blocked spams: 3087515

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1CHINANET-GD643
2UNICOM-BJ281
3HINET-NET241
4BSNLNET82
5UNICOM-HA73
6VNPT-VNNIC-VN46
7TELKOMNET44
8CTTNET35
9CRTC33
10PTCL32

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China1276
2Taiwan252
3India215
4Brazil181
5Russian Federation115
6Indonesia89
7Viet Nam64
8Ukraine61
9Thailand45
10Pakistan38

Saturday, February 12, 2011

Botnet Statistics [2011-02-11]

detection period: 2011-02-11 00:00-23:59 UTC
total number of suspected botnet IPs: 2344
number of botnet IPs notified to network operators: 1956
number of blocked spams: 125086
recipient count of blocked spams: 3278880

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1CHINANET-GD689
2UNICOM-BJ336
3HINET-NET231
4UNICOM-HA34
5BSNLNET32
6RCOM23
7003.420.926/0002-0522
8CRTC21
9CHINANET-ZJ-WZ20
10002.558.157/0001-6219

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China1245
2Taiwan241
3Brazil131
4India102
5Russian Federation84
6Ukraine37
7Indonesia32
8South Korea31
9Belarus27
10Poland26

Friday, February 11, 2011

Botnet Statistics [2011-02-10]

detection period: 2011-02-10 00:00-23:59 UTC
total number of suspected botnet IPs: 2810
number of botnet IPs notified to network operators: 2300
number of blocked spams: 156964
recipient count of blocked spams: 4082325

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1CHINANET-GD696
2UNICOM-BJ292
3HINET-NET239
4BSNLNET83
5VNPT-VNNIC-VN59
6PTCL36
7TELKOMNET32
8RCOM32
9002.558.157/0001-6232
10002.558.134/0001-5830

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China1175
2Taiwan249
3India207
4Brazil178
5Russian Federation114
6Viet Nam83
7Indonesia81
8Thailand57
9South Korea48
10Colombia41

Thursday, February 10, 2011

Botnet Statistics [2011-02-09]

detection period: 2011-02-09 00:00-23:59 UTC
total number of suspected botnet IPs: 2968
number of botnet IPs notified to network operators: 2443
number of blocked spams: 197991
recipient count of blocked spams: 4491778

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1CHINANET-GD696
2UNICOM-BJ403
3HINET-NET225
4VNPT-VNNIC-VN81
5BSNLNET76
6TELKOMNET63
7PTCL48
8002.558.134/0001-5830
9CRTC26
10KORNET-KR24

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China1272
2Taiwan234
3India184
4Brazil170
5Indonesia124
6Viet Nam111
7Russian Federation90
8Pakistan55
9Thailand51
10South Korea50

Wednesday, February 9, 2011

Botnet Statistics [2011-02-08]

detection period: 2011-02-08 00:00-23:59 UTC
total number of suspected botnet IPs: 2743
number of botnet IPs notified to network operators: 2238
number of blocked spams: 180042
recipient count of blocked spams: 3888248

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1CHINANET-GD664
2UNICOM-BJ375
3HINET-NET226
4VNPT-VNNIC-VN58
5TELKOMNET57
6BSNLNET55
7PTCL34
8CRTC29
9RCOM28
10KORNET-KR27

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China1212
2Taiwan241
3India150
4Brazil147
5Indonesia126
6Russian Federation103
7Viet Nam86
8South Korea52
9Thailand44
10Pakistan39

Tuesday, February 8, 2011

Botnet Statistics [2011-02-07]

detection period: 2011-02-07 00:00-23:59 UTC
total number of suspected botnet IPs: 2582
number of botnet IPs notified to network operators: 2006
number of blocked spams: 190507
recipient count of blocked spams: 3943164

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1CHINANET-GD369
2UNICOM-BJ365
3HINET-NET242
4BSNLNET76
5PTCL74
6VNPT-VNNIC-VN54
7KORNET-KR46
8TELKOMNET45
9RCOM27
10TATACOMM-IN24

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China897
2Taiwan251
3India212
4Brazil162
5Russian Federation112
6Indonesia95
7Pakistan81
8South Korea73
9Viet Nam68
10Ukraine54

Monday, February 7, 2011

Botnet Statistics [2011-02-06]

As botnets have become the tool of choice when hackers commit cyber crime, what we do to mitigate botnets are really preventive measures against future cyber incidents indeed. Many security experts have expressed worries over even larger DDoS attacks and cyber threats this year, but if we can keep botnets at bay through detection and notification, we should be fine.

detection period: 2011-02-06 00:00-23:59 UTC
total number of suspected botnet IPs: 1779
number of botnet IPs notified to network operators: 1340
number of blocked spams: 228446
recipient count of blocked spams: 5773274

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET219
2UNICOM-BJ196
3CHINANET-GD175
4PTCL54
5BSNLNET38
6VNPT-VNNIC-VN30
7CRTC29
8KORNET-KR27
9002.558.134/0001-5823
10TELKOMNET22

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China505
2Taiwan226
3Brazil128
4India108
5Russian Federation91
6Pakistan61
7Ukraine56
8Indonesia51
9Viet Nam39
10South Korea39

Sunday, February 6, 2011

Botnet Statistics [2011-02-05]

detection period: 2011-02-05 00:00-23:59 UTC
total number of suspected botnet IPs: 1850
number of botnet IPs notified to network operators: 1324
number of blocked spams: 200812
recipient count of blocked spams: 4784222

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET241
2CHINANET-GD198
3BSNLNET91
4PTCL74
5BY-BELPAK-2009121033
6VNPT-VNNIC-VN32
7KORNET-KR32
8RCOM30
9TELKOMNET28
10TATACOMM-IN23

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China342
2Taiwan250
3India223
4Brazil124
5Russian Federation99
6Pakistan76
7Indonesia71
8South Korea52
9Ukraine50
10Viet Nam40

Saturday, February 5, 2011

Botnet Statistics for January 2011

As my statistics are posted in fixed format, I often copy the post of the previous day/month into a new post, and change only the numbers and charts. Today, when I tried to compose the first monthly statistics for 2011, I found out that the ending time of all my monthly detection periods last year had been incorrectly written as "2001." It took me some time to fix this for all the 12 monthly statistics reports of 2010.

detection period: 2011-01-01 00:00 - 2011-01-31 23:59 UTC
total number of suspected botnet IPs: 26043
number of blocked spams: 8502516
recipient count of blocked spams: 272619859

The top 25 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1India8112
2China6055
3Taiwan4510
4Brazil1243
5Thailand1183
6Russian Federation1041
7Argentina591
8Ukraine499
9United States272
10Kazakhstan255
11South Korea186
12Indonesia171
13Belarus165
14Uruguay123
15Ethiopia118
16Colombia101
17Germany95
18Chile89
19Mexico71
20Bulgaria70
21Algeria64
22France59
23Poland57
24Italy56
25United Kingdom48

The top 25 countries (as defined by the 2-character country code), ordered by number of blocked spams are:

RankCountry# of blocked spams
1China1921299
2Brazil986501
3United States719760
4Russian Federation418702
5India366314
6Taiwan316951
7Colombia292063
8Indonesia246039
9France243892
10Thailand210108
11South Korea200519
12Poland138745
13Italy134871
14Germany123351
15Ukraine122822
16Argentina113744
17Chile96375
18Spain92300
19United Kingdom80544
20Saudi Arabia75205
21Viet Nam71471
22Mexico69701
23Venezuela68870
24Iran65737
25Philippines65331

The top 25 countries (as defined by the 2-character country code), ordered by recipient count of blocked spams are:

Botnet Statistics [2011-02-04]

detection period: 2011-02-04 00:00-23:59 UTC
total number of suspected botnet IPs: 1505
number of botnet IPs notified to network operators: 1132
number of blocked spams: 256761
recipient count of blocked spams: 5713566

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET236
2CHINANET-GD162
3BSNLNET63
4RCOM31
5002.558.157/0001-6226
6KORNET-KR21
7CHINANET-ZJ-WZ21
8002.558.134/0001-5819
9000.065.376/0002-6518
10AR-TEAR7-LACNIC16

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China281
2Taiwan243
3India151
4Brazil142
5Russian Federation82
6Thailand49
7Colombia41
8South Korea36
9Ukraine32
10Argentina31

Friday, February 4, 2011

Botnet Statistics [2011-02-03]

Today I included data gathered from greylisting to my statistics, except the number of blocked spams and recipient count of blocked spams, which greylisting does not apply.

detection period: 2011-02-03 00:00-23:59 UTC
total number of suspected botnet IPs: 1621
number of botnet IPs notified to network operators: 1169
number of blocked spams: 183725
recipient count of blocked spams: 4253926

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET235
2CHINANET-GD172
3BSNLNET78
4RCOM28
5002.558.157/0001-6224
6076.535.764/0326-9019
7BY-BELPAK-2009121018
8033.530.486/0001-2918
9003.420.926/0002-0518
10KORNET-KR17

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China287
2Taiwan243
3India165
4Brazil143
5Russian Federation95
6Thailand40
7Colombia39
8United States38
9South Korea34
10Germany34

Thursday, February 3, 2011

Botnet Statistics [2011-02-02]

detection period: 2011-02-02 00:00-23:59 UTC
total number of suspected botnet IPs: 842
number of botnet IPs notified to network operators: 689
number of blocked spams: 168469
recipient count of blocked spams: 3503746

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET231
2CHINANET-GD158
3RCOM13
4CHINANET-ZJ-WZ12
5BSNLNET12
6003.420.926/0002-059
7076.535.764/0326-908
8002.558.157/0001-628
9INTER-SAT7
10CO-ACSA-LACNIC7

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China256
2Taiwan238
3Brazil54
4India45
5Russian Federation41
6United States20
7Colombia18
8Poland14
9Indonesia14
10South Korea9

Wednesday, February 2, 2011

Botnet Statistics [2011-02-01]

I have been trying to detect botnets with greylisting recently. Today I sent a small batch of botnet notification based on greylisting's detection for the first time. Fake open relay will still be my primary detection mechanism. Greylisting will be used only for those bots not reported by fake open relay. The following statistics does not include bots detected by greylisting.

detection period: 2011-02-01 00:00-23:59 UTC
total number of suspected botnet IPs: 881
number of botnet IPs notified to network operators: 719
number of blocked spams: 170267
recipient count of blocked spams: 3523360

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET231
2CHINANET-GD144
3CHINANET-ZJ-WZ22
4RCOM17
5BSNLNET14
6003.420.926/0002-0510
7CHINANET-ZJ9
8002.558.157/0001-629
9KORNET-KR7
10INTER-SAT7

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China259
2Taiwan236
3India57
4Brazil53
5Russian Federation46
6United States24
7Colombia19
8Indonesia16
9Poland14
10South Korea14

Tuesday, February 1, 2011

Botnet Statistics [2011-01-31]

detection period: 2011-01-31 00:00-23:59 UTC
total number of suspected botnet IPs: 1001
number of botnet IPs notified to network operators: 832
number of blocked spams: 213572
recipient count of blocked spams: 5102123

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET215
2CHINANET-GD215
3UNICOM-BJ65
4RCOM16
5CHINANET-ZJ-WZ13
6BSNLNET12
7003.420.926/0002-059
8KORNET-KR8
9CHINANET-FJ8
10002.558.157/0001-628

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China390
2Taiwan221
3Brazil54
4India49
5Russian Federation46
6United States25
7Colombia18
8Indonesia16
9South Korea15
10Poland14