Custom Search

Tuesday, December 31, 2013

Suspected Bot List [2013-12-30]

detection period: 2013-12-30 00:00-23:59 UTC
number of suspected bots' IPs listed here: 256

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
AR190.15.201.202Argentina
BO190.129.12.162Bolivia
CN150.255.132.106China
DO190.94.63.166Dominican Republic
ES46.24.99.86Spain
GB77.246.20.2United Kingdom
GB193.164.207.16United Kingdom
HN190.107.140.76Honduras
IN117.239.29.114India
IN117.240.239.120India
IN202.63.105.226India
IT95.227.34.226Italy
MX189.204.49.66Mexico
PE200.31.105.172Peru
PK115.186.59.70Pakistan
SA94.77.199.148Saudi Arabia
TW61.64.21.68Taiwan
TW119.77.206.218Taiwan
US50.201.42.106United States
US67.229.59.146United States
US98.126.76.58United States

List from greylisting:

Botnet Statistics [2013-12-30]

detection period: 2013-12-30 00:00-23:59 UTC
total number of suspected botnet IPs: 3057
number of botnet IPs notified to network operators: 2801
number of spam blocked: 32624
recipient count of spam blocked: 1186706

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1CHINANET-GD269
2CMNET156
3UNICOM-SD140
4CRTC123
5CTTNET113
6CHINANET-JS96
7UNICOM-LN90
8UNICOM-HA79
9UNICOM-JL78
10UNICOM-HE75

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China2324
2United States64
3Taiwan57
4Brazil49
5Spain41
6Italy34
7Russian Federation29
8Argentina27
9Germany26
10Colombia24

Monday, December 30, 2013

Suspected Bot List [2013-12-29]

detection period: 2013-12-29 00:00-23:59 UTC
number of suspected bots' IPs listed here: 182

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
AR190.15.201.202Argentina
BO190.129.12.162Bolivia
DO190.94.63.166Dominican Republic
ES46.24.99.86Spain
GB77.246.20.2United Kingdom
GB193.164.207.16United Kingdom
HN190.107.140.76Honduras
IN117.240.239.120India
IN202.63.105.226India
IT95.227.34.226Italy
MO60.246.154.160Macau
MX189.204.49.66Mexico
PE200.31.105.172Peru
PK115.186.59.70Pakistan
SA94.77.199.148Saudi Arabia
TW61.64.21.68Taiwan
US50.201.42.106United States
US67.229.59.146United States
US98.126.76.58United States

List from greylisting:

Botnet Statistics [2013-12-29]

detection period: 2013-12-29 00:00-23:59 UTC
total number of suspected botnet IPs: 1868
number of botnet IPs notified to network operators: 1686
number of spam blocked: 41466
recipient count of spam blocked: 1573246

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1CHINANET-GD215
2UNICOM-SD74
3CTTNET73
4CMNET56
5CRTC54
6UNICOM-LN52
7CHINANET-XJ50
8CHINANET-JS48
9UNICOM-HA41
10CHINANET-FJ41

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China1301
2United States54
3Taiwan30
4Spain30
5Germany29
6Brazil28
7United Kingdom27
8Argentina27
9Iran23
10Russian Federation22

Sunday, December 29, 2013

Suspected Bot List [2013-12-28]

detection period: 2013-12-28 00:00-23:59 UTC
number of suspected bots' IPs listed here: 211

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
AR190.15.201.202Argentina
BO190.129.12.162Bolivia
CN150.255.0.54China
CN150.255.19.233China
CN150.255.161.149China
CN150.255.177.135China
CN150.255.185.84China
DO190.94.63.166Dominican Republic
ES46.24.99.86Spain
GB193.164.207.16United Kingdom
HN190.107.140.76Honduras
IN117.240.239.120India
IN202.63.105.226India
IR91.98.117.30Iran
IT95.227.34.226Italy
MX189.204.49.66Mexico
PE200.31.105.172Peru
PK115.186.59.70Pakistan
SA94.77.199.148Saudi Arabia
US50.201.42.106United States
US67.229.59.146United States
US98.126.76.58United States

List from greylisting:

Botnet Statistics [2013-12-28]

detection period: 2013-12-28 00:00-23:59 UTC
total number of suspected botnet IPs: 2400
number of botnet IPs notified to network operators: 2189
number of spam blocked: 49111
recipient count of spam blocked: 1868558

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1CHINANET-GD277
2CMNET120
3UNICOM-SD109
4CTTNET98
5CRTC83
6CHINANET-JS77
7UNICOM-LN64
8UNICOM-HA55
9CHINANET-XJ52
10UNICOM-HE47

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China1756
2Taiwan64
3United States63
4Brazil36
5United Kingdom35
6Argentina30
7Germany28
8Iran27
9Peru25
10Colombia25

Saturday, December 28, 2013

Suspected Bot List [2013-12-27]

detection period: 2013-12-27 00:00-23:59 UTC
number of suspected bots' IPs listed here: 352

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
BO190.129.12.162Bolivia
CO190.90.2.30Colombia
DO190.94.63.166Dominican Republic
ES46.24.99.86Spain
GB77.246.20.2United Kingdom
GB193.164.207.16United Kingdom
HN190.107.140.76Honduras
IN117.239.29.114India
IN117.240.239.120India
IN202.63.105.226India
IR91.98.117.30Iran
IR94.182.248.19Iran
IT95.227.34.226Italy
IT95.253.67.148Italy
KZ109.229.189.175Kazakhstan
MX187.174.173.18Mexico
MX189.204.49.66Mexico
PE200.31.105.172Peru
PH124.107.158.30Philippines
PK115.186.59.70Pakistan
SA94.77.199.148Saudi Arabia
TW211.76.93.140Taiwan
US50.201.42.106United States
US67.229.59.146United States
US98.126.76.58United States

List from greylisting:

Botnet Statistics [2013-12-27]

detection period: 2013-12-27 00:00-23:59 UTC
total number of suspected botnet IPs: 2574
number of botnet IPs notified to network operators: 2223
number of spam blocked: 41256
recipient count of spam blocked: 1583938

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1CHINANET-GD276
2CMNET105
3CTTNET92
4UNICOM-SD88
5CRTC83
6UNICOM-HE61
7UNICOM-LN60
8CHINANET-JS51
9UNICOM-HL44
10UNICOM-JL41

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China1539
2United States131
3India55
4Taiwan46
5Argentina45
6Brazil42
7Italy40
8Spain40
9United Kingdom36
10Peru35

Friday, December 27, 2013

Suspected Bot List [2013-12-26]

detection period: 2013-12-26 00:00-23:59 UTC
number of suspected bots' IPs listed here: 295

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
AR190.15.201.202Argentina
BO190.129.12.162Bolivia
CN150.255.92.48China
CO190.90.2.30Colombia
ES46.24.99.86Spain
GB77.246.20.2United Kingdom
GB193.164.207.16United Kingdom
HN190.107.140.76Honduras
IN117.240.239.120India
IN202.63.105.226India
IR91.98.117.30Iran
IR94.182.248.19Iran
IT95.227.34.226Italy
IT95.253.67.148Italy
KZ109.229.189.175Kazakhstan
MX187.174.173.18Mexico
MX189.204.49.66Mexico
MY203.142.53.200Malaysia
PE190.81.249.18Peru
PE200.31.105.172Peru
PH124.107.158.30Philippines
PK115.186.59.70Pakistan
SA94.77.199.148Saudi Arabia
US50.201.42.106United States
US67.229.59.146United States
US98.126.76.58United States

List from greylisting:

Botnet Statistics [2013-12-26]

detection period: 2013-12-26 00:00-23:59 UTC
total number of suspected botnet IPs: 2813
number of botnet IPs notified to network operators: 2519
number of spam blocked: 42975
recipient count of spam blocked: 1626533

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1CHINANET-GD543
2CTTNET98
3UNICOM-SD83
4CHINANET-JS83
5CMNET78
6UNICOM-LN73
7CRTC72
8UNICOM-HE60
9UNICOM-HL44
10UNICOM-JL41

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China1893
2United States152
3Taiwan52
4Brazil50
5Spain46
6United Kingdom45
7Peru41
8India34
9Italy33
10Argentina32

Thursday, December 26, 2013

Suspected Bot List [2013-12-25]

detection period: 2013-12-25 00:00-23:59 UTC
number of suspected bots' IPs listed here: 191

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
AR190.15.201.202Argentina
BG93.183.155.80Bulgaria
BO190.129.12.162Bolivia
CO190.90.2.30Colombia
DO190.94.63.166Dominican Republic
ES46.24.99.86Spain
GB77.246.20.2United Kingdom
GB193.164.207.16United Kingdom
HN190.107.140.76Honduras
IN117.240.239.120India
IN202.63.105.226India
IR91.98.117.30Iran
IR94.182.248.19Iran
IT95.227.34.226Italy
KZ109.229.189.175Kazakhstan
MO60.246.179.2Macau
MX189.204.49.66Mexico
MY203.142.53.200Malaysia
PE190.81.249.18Peru
PE200.31.105.172Peru
PK115.186.59.70Pakistan
SA94.77.199.148Saudi Arabia
TW61.64.4.180Taiwan
US50.201.42.106United States
US67.229.59.146United States
US98.126.76.58United States

List from greylisting:

Botnet Statistics [2013-12-25]

detection period: 2013-12-25 00:00-23:59 UTC
total number of suspected botnet IPs: 3167
number of botnet IPs notified to network operators: 2977
number of spam blocked: 38041
recipient count of spam blocked: 1398532

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1CHINANET-GD685
2CRTC168
3CTTNET157
4UNICOM-SD123
5CMNET107
6CHINANET-JS97
7UNICOM-LN88
8UNICOM-HE64
9UNICOM-HA59
10UNICOM-HL55

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China2501
2United States76
3Taiwan66
4Brazil43
5Spain26
6Argentina26
7Italy23
8Russian Federation22
9United Kingdom22
10India20

Wednesday, December 25, 2013

Suspected Bot List [2013-12-24]

detection period: 2013-12-24 00:00-23:59 UTC
number of suspected bots' IPs listed here: 261

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
AR190.15.201.202Argentina
BG93.183.155.80Bulgaria
BO190.129.12.162Bolivia
CO190.90.2.30Colombia
DO190.94.63.166Dominican Republic
GB77.246.20.2United Kingdom
GB193.164.207.16United Kingdom
HN190.107.140.76Honduras
IN117.240.239.120India
IN202.63.105.226India
IR94.182.248.19Iran
IT95.227.34.226Italy
KZ109.229.189.175Kazakhstan
MX189.204.49.66Mexico
PE190.81.249.18Peru
PE200.31.105.172Peru
PK111.68.104.132Pakistan
PK115.186.59.70Pakistan
SA94.77.199.148Saudi Arabia
TW119.77.206.218Taiwan
TW211.76.90.34Taiwan
US50.201.42.106United States
US67.229.59.146United States
US98.126.76.58United States

List from greylisting:

Botnet Statistics [2013-12-24]

detection period: 2013-12-24 00:00-23:59 UTC
total number of suspected botnet IPs: 2868
number of botnet IPs notified to network operators: 2608
number of spam blocked: 31387
recipient count of spam blocked: 1154251

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1CHINANET-GD575
2CRTC165
3CMNET128
4CTTNET84
5UNICOM-SD82
6UNICOM-LN67
7CHINANET-JS66
8UNICOM-HL55
9HINET-NET48
10UNICOM-HE44

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China2010
2United States89
3Taiwan73
4India46
5Brazil41
6United Kingdom34
7Spain34
8Argentina32
9Italy29
10Colombia28

Tuesday, December 24, 2013

Suspected Bot List [2013-12-23]

detection period: 2013-12-23 00:00-23:59 UTC
number of suspected bots' IPs listed here: 337

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
AR190.15.201.202Argentina
BG93.183.155.80Bulgaria
BO190.129.12.162Bolivia
CO190.90.2.30Colombia
DO190.94.63.166Dominican Republic
GB77.246.20.2United Kingdom
GB193.164.207.16United Kingdom
HN190.107.140.76Honduras
IN202.63.105.226India
IR91.98.117.28Iran
IR94.182.248.19Iran
IT95.227.34.226Italy
KZ109.229.189.175Kazakhstan
MX187.174.173.18Mexico
MX189.204.49.66Mexico
PK111.68.104.132Pakistan
PK115.186.59.70Pakistan
SA94.77.199.148Saudi Arabia
TW119.77.154.229Taiwan
US50.201.42.106United States
US67.229.59.146United States
US74.128.122.135United States
US98.126.76.58United States

List from greylisting:

Botnet Statistics [2013-12-23]

detection period: 2013-12-23 00:00-23:59 UTC
total number of suspected botnet IPs: 2717
number of botnet IPs notified to network operators: 2381
number of spam blocked: 31768
recipient count of spam blocked: 1233499

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1CHINANET-GD503
2CRTC167
3CTTNET92
4CMNET87
5UNICOM-SD62
6CHINANET-JS46
7UNICOM-LN42
8UNICOM-HE36
9CHINANET-FJ36
10HINET-NET33

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China1562
2United States151
3India81
4Brazil60
5France55
6Taiwan54
7South Korea53
8Spain47
9United Kingdom40
10Indonesia33

Monday, December 23, 2013

Suspected Bot List [2013-12-22]

detection period: 2013-12-22 00:00-23:59 UTC
number of suspected bots' IPs listed here: 36

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
AR190.15.201.202Argentina
BG93.183.155.80Bulgaria
BO190.129.12.162Bolivia
GB77.246.20.2United Kingdom
GB193.164.207.16United Kingdom
HN190.107.140.76Honduras
IN202.63.105.226India
IR91.98.117.28Iran
IR94.182.248.19Iran
IT95.227.34.226Italy
MX187.174.173.18Mexico
MX189.204.49.66Mexico
PE200.31.105.172Peru
PK111.68.104.132Pakistan
SA94.77.199.148Saudi Arabia
TW119.77.154.229Taiwan
US50.201.42.106United States
US67.229.59.146United States

List from greylisting:

Botnet Statistics [2013-12-22]

detection period: 2013-12-22 00:00-23:59 UTC
total number of suspected botnet IPs: 1526
number of botnet IPs notified to network operators: 1491
number of spam blocked: 3570
recipient count of spam blocked: 141673

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1CHINANET-GD461
2CRTC255
3CTTNET230
4CHINANET-FJ45
5UNICOM-LN26
6MSFT-GFS18
7UNICOM-HE10
8UNICOM-GD9
9CHINANET-JS9
10002.558.157/0001-628

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China1185
2United States80
3Brazil35
4Russian Federation22
5South Korea15
6Turkey11
7Indonesia11
8Taiwan10
9United Kingdom10
10Germany10

Sunday, December 22, 2013

Suspected Bot List [2013-12-21]

detection period: 2013-12-21 00:00-23:59 UTC
number of suspected bots' IPs listed here: 31

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:

Botnet Statistics [2013-12-21]

detection period: 2013-12-21 00:00-23:59 UTC
total number of suspected botnet IPs: 927
number of botnet IPs notified to network operators: 896
number of spam blocked: 0
recipient count of spam blocked: 0

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1CRTC331
2CTTNET133
3CHINANET-GD107
4CHINANET-FJ39
5UNICOM-GD13
6MSFT-GFS9
7DORATELEKOM-NET7
8UNICOM-SD6
9Wotone5
10CMNET5

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China754
2United States31
3India12
4Turkey10
5Kazakhstan8
6Russian Federation7
7Brazil6
8Singapore5
9South Korea5
10Iran5

Saturday, December 21, 2013

Suspected Bot List [2013-12-20]

detection period: 2013-12-20 00:00-23:59 UTC
number of suspected bots' IPs listed here: 145

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:

Botnet Statistics [2013-12-20]

detection period: 2013-12-20 00:00-23:59 UTC
total number of suspected botnet IPs: 1197
number of botnet IPs notified to network operators: 1052
number of spam blocked: 0
recipient count of spam blocked: 0

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1CHINANET-GD85
2CRTC76
3CHINANET-FJ42
4IP2000-ADSL-BAS30
5SINGNET-SG22
6CTTNET16
7FR-LDCOMNET-2009081314
8HINET-NET13
9BHARTI-IN13
10UNICOM-SD10

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China383
2United States140
3France87
4India57
5United Kingdom35
6Hong Kong31
7Singapore30
8Taiwan24
9Russian Federation24
10South Korea21

Friday, December 20, 2013

Suspected Bot List [2013-12-19]

detection period: 2013-12-19 00:00-23:59 UTC
number of suspected bots' IPs listed here: 129

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:

Botnet Statistics [2013-12-19]

detection period: 2013-12-19 00:00-23:59 UTC
total number of suspected botnet IPs: 962
number of botnet IPs notified to network operators: 833
number of spam blocked: 0
recipient count of spam blocked: 0

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1CHINANET-GD105
2CTTNET80
3CHINANET-FJ44
4CRTC31
5UNICOM-GD17
6CHINANET-JS17
7IP2000-ADSL-BAS14
8DORATELEKOM-NET14
9CHINANET-HB8
10UNICOM-SD7

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China434
2United States83
3France52
4United Kingdom30
5India26
6Brazil24
7Turkey22
8Russian Federation19
9Mexico17
10Spain16

Thursday, December 19, 2013

Suspected Bot List [2013-12-18]

detection period: 2013-12-18 00:00-23:59 UTC
number of suspected bots' IPs listed here: 198

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:

Botnet Statistics [2013-12-18]

detection period: 2013-12-18 00:00-23:59 UTC
total number of suspected botnet IPs: 1531
number of botnet IPs notified to network operators: 1333
number of spam blocked: 0
recipient count of spam blocked: 0

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1CHINANET-GD267
2CTTNET132
3CRTC121
4HINET-NET54
5CHINANET-FJ32
6SINGNET-SG31
7KORNET-KR29
8VNPT-VNNIC-VN25
9NETVIGATOR14
10BHARTI-IN14

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China696
2United States92
3Taiwan68
4India49
5South Korea45
6Russian Federation42
7Indonesia40
8Singapore37
9Viet Nam33
10Hong Kong31

Wednesday, December 18, 2013

Suspected Bot List [2013-12-17]

detection period: 2013-12-17 00:00-23:59 UTC
number of suspected bots' IPs listed here: 91

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:

Botnet Statistics [2013-12-17]

detection period: 2013-12-17 00:00-23:59 UTC
total number of suspected botnet IPs: 1240
number of botnet IPs notified to network operators: 1149
number of spam blocked: 0
recipient count of spam blocked: 0

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1CHINANET-GD434
2CRTC74
3CHINANET-FJ34
4CTTNET22
5CHINANET-JS20
6UNICOM-GD17
7KORNET-KR13
8HINET-NET13
9UNICOM-SD12
10DORATELEKOM-NET11

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China742
2United States91
3Russian Federation28
4South Korea27
5Brazil23
6Taiwan22
7Turkey22
8United Kingdom20
9Israel13
10Indonesia13

Tuesday, December 17, 2013

Suspected Bot List [2013-12-16]

detection period: 2013-12-16 00:00-23:59 UTC
number of suspected bots' IPs listed here: 119

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
AR190.3.14.59Argentina
AR190.15.201.202Argentina
DO190.94.63.166Dominican Republic
GB77.246.20.2United Kingdom
GB94.12.42.121United Kingdom
GB193.164.207.16United Kingdom
IN117.240.239.120India
IN202.63.105.226India
IR91.98.117.30Iran
KZ109.229.189.175Kazakhstan
MX189.204.49.66Mexico
NO193.91.131.11Norway
PE200.31.105.172Peru
PH124.107.158.30Philippines
PK115.186.59.70Pakistan
SA94.77.199.148Saudi Arabia
TW119.77.154.229Taiwan
US50.201.42.106United States

List from greylisting:

Botnet Statistics [2013-12-16]

detection period: 2013-12-16 00:00-23:59 UTC
total number of suspected botnet IPs: 1347
number of botnet IPs notified to network operators: 1229
number of spam blocked: 22591
recipient count of spam blocked: 752915

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET295
2CHINANET-GD261
3CHINANET-FJ42
4UNICOM-GD40
5CHINANET-ZJ-NB32
6UNICOM-LN31
7CHINANET-JS20
8CTTNET14
9CHINANET-JX12
10CHINANET-ZJ10

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China615
2Taiwan302
3United States53
4Brazil37
5Russian Federation29
6South Korea17
7Argentina17
8Germany16
9Indonesia15
10Romania13

Monday, December 16, 2013

Suspected Bot List [2013-12-15]

detection period: 2013-12-15 00:00-23:59 UTC
number of suspected bots' IPs listed here: 121

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
AR190.3.14.59Argentina
AR190.15.201.202Argentina
DO190.94.63.166Dominican Republic
GB77.246.20.2United Kingdom
GB94.12.42.121United Kingdom
GB193.164.207.16United Kingdom
IN117.239.29.114India
IN117.240.239.120India
IN202.63.105.226India
IR91.98.117.30Iran
KZ109.229.189.175Kazakhstan
LB213.175.188.158Lebanon
MX187.174.173.18Mexico
MX189.204.49.66Mexico
NO193.91.131.11Norway
PE200.31.105.172Peru
PH124.107.158.30Philippines
PK115.186.59.70Pakistan
SA94.77.199.148Saudi Arabia
SK93.184.71.66Slovakia
TW119.77.154.229Taiwan
US50.201.42.106United States
US74.128.122.135United States

List from greylisting:

Botnet Statistics [2013-12-15]

detection period: 2013-12-15 00:00-23:59 UTC
total number of suspected botnet IPs: 2230
number of botnet IPs notified to network operators: 2111
number of spam blocked: 66973
recipient count of spam blocked: 2034410

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET878
2CHINANET-GD372
3UNICOM-GD168
4CHINANET-ZJ-NB101
5CTTNET33
6CHINANET-FJ30
7UNICOM-LN26
8ZTWL20
9CHINANET-ZJ15
10CHINANET-JS14

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China938
2Taiwan886
3United States45
4Brazil33
5Argentina20
6Russian Federation17
7United Kingdom16
8Indonesia15
9Ukraine13
10Israel13

Sunday, December 15, 2013

Suspected Bot List [2013-12-14]

detection period: 2013-12-14 00:00-23:59 UTC
number of suspected bots' IPs listed here: 37

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
AR190.3.14.59Argentina
AR190.15.201.202Argentina
BO190.129.12.162Bolivia
DO190.94.63.166Dominican Republic
GB77.246.20.2United Kingdom
GB193.164.207.16United Kingdom
IN117.239.29.114India
IN117.240.239.120India
IN202.63.105.226India
IR91.98.117.30Iran
KZ109.229.189.175Kazakhstan
LB213.175.188.158Lebanon
MX187.174.173.18Mexico
MX189.204.49.66Mexico
NO193.91.131.11Norway
PH124.107.158.30Philippines
PK115.186.59.70Pakistan
SA94.77.199.148Saudi Arabia
SK93.184.71.66Slovakia
US50.201.42.106United States

List from greylisting:

Botnet Statistics [2013-12-14]

detection period: 2013-12-14 00:00-23:59 UTC
total number of suspected botnet IPs: 1802
number of botnet IPs notified to network operators: 1766
number of spam blocked: 69673
recipient count of spam blocked: 2161007

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET892
2CHINANET-GD249
3UNICOM-GD195
4CHINANET-ZJ-NB55
5ZTWL28
6UNICOM-LN25
7PSYCHZ-NETWORKS21
8CHINANET-JS12
9CHINANET-ZJ11
10UNICOM-HE9

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1Taiwan895
2China688
3United States47
4Brazil24
5Russian Federation16
6Ukraine10
7United Kingdom8
8South Korea6
9Indonesia6
10Hong Kong6

Saturday, December 14, 2013

Suspected Bot List [2013-12-13]

detection period: 2013-12-13 00:00-23:59 UTC
number of suspected bots' IPs listed here: 35

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
AR190.3.14.59Argentina
AR190.15.201.202Argentina
BO190.129.12.162Bolivia
DO190.94.63.166Dominican Republic
FR89.3.32.179France
GB77.246.20.2United Kingdom
GB94.12.42.121United Kingdom
GB193.164.207.16United Kingdom
IN117.239.29.114India
IN117.240.239.120India
IN202.63.105.226India
IR91.98.117.30Iran
KZ109.229.189.175Kazakhstan
LB213.175.188.158Lebanon
MX187.174.173.18Mexico
MX189.204.49.66Mexico
PE200.31.105.172Peru
PH124.107.158.30Philippines
PK111.68.104.132Pakistan
PK115.186.59.70Pakistan
SA94.77.199.148Saudi Arabia
SK93.184.71.66Slovakia
US50.201.42.106United States

List from greylisting:

Botnet Statistics [2013-12-13]

detection period: 2013-12-13 00:00-23:59 UTC
total number of suspected botnet IPs: 1741
number of botnet IPs notified to network operators: 1707
number of spam blocked: 65474
recipient count of spam blocked: 2065268

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET850
2CHINANET-GD252
3UNICOM-GD178
4CHINANET-ZJ-NB38
5UNICOM-LN24
6CHINANET-ZJ15
7CHINANET-FJ15
8CHINANET-JX13
9CTTNET11
10ZTWL10

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1Taiwan856
2China661
3Brazil25
4United States22
5Russian Federation14
6Ukraine11
7United Kingdom11
8South Korea10
9Iran7
10Germany7

Friday, December 13, 2013

Suspected Bot List [2013-12-12]

detection period: 2013-12-12 00:00-23:59 UTC
number of suspected bots' IPs listed here: 85

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
AR190.3.14.59Argentina
AR190.15.201.202Argentina
BO190.129.12.162Bolivia
DO190.94.63.166Dominican Republic
EC200.24.218.187Ecuador
GB77.246.20.2United Kingdom
GB94.12.42.121United Kingdom
GB193.164.207.16United Kingdom
IN117.240.239.120India
IN202.63.105.226India
KZ109.229.189.175Kazakhstan
LB213.175.188.158Lebanon
MX187.174.173.18Mexico
MX189.204.49.66Mexico
NO193.91.131.11Norway
PE200.31.105.172Peru
PH124.107.158.30Philippines
PK111.68.104.132Pakistan
PK115.186.59.70Pakistan
SA94.77.199.148Saudi Arabia
SK93.184.71.66Slovakia
US50.201.42.106United States

List from greylisting:

Botnet Statistics [2013-12-12]

detection period: 2013-12-12 00:00-23:59 UTC
total number of suspected botnet IPs: 2045
number of botnet IPs notified to network operators: 1960
number of spam blocked: 68068
recipient count of spam blocked: 2013651

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET855
2CHINANET-GD385
3UNICOM-GD162
4CHINANET-ZJ-NB49
5UNICOM-LN25
6ZTWL21
7PSYCHZ-NETWORKS21
8CHINANET-JX18
9CHINANET-FJ14
10CTTNET13

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1Taiwan858
2China814
3United States60
4Brazil27
5Russian Federation23
6Spain16
7Argentina15
8Germany14
9Italy12
10Colombia12

Thursday, December 12, 2013

Suspected Bots' IP List for December 2013

To encourage cyber security information sharing (as some form of open data) while still giving victims enough time to clean up their computers, the IP list of suspected infected computers will be released here (as shown below) 10 days after its respective botnet statistics gets published.

You are free to use them to create more effective defenses, discover latest trends in cyber attacks, etc.

Suspected Bots IP [2013-12-31]
Suspected Bots IP [2013-12-30]
Suspected Bots IP [2013-12-29]
Suspected Bots IP [2013-12-28]
Suspected Bots IP [2013-12-27]
Suspected Bots IP [2013-12-26]
Suspected Bots IP [2013-12-25]
Suspected Bots IP [2013-12-24]
Suspected Bots IP [2013-12-23]
Suspected Bots IP [2013-12-22]
Suspected Bots IP [2013-12-21]
Suspected Bots IP [2013-12-20]
Suspected Bots IP [2013-12-19]
Suspected Bots IP [2013-12-18]
Suspected Bots IP [2013-12-17]
Suspected Bots IP [2013-12-16]
Suspected Bots IP [2013-12-15]
Suspected Bots IP [2013-12-14]
Suspected Bots IP [2013-12-13]
Suspected Bots IP [2013-12-12]
Suspected Bots IP [2013-12-11]
Suspected Bots IP [2013-12-10]
Suspected Bots IP [2013-12-09]
Suspected Bots IP [2013-12-08]
Suspected Bots IP [2013-12-07]
Suspected Bots IP [2013-12-06]
Suspected Bots IP [2013-12-05]
Suspected Bots IP [2013-12-04]
Suspected Bots IP [2013-12-03]
Suspected Bots IP [2013-12-02]
Suspected Bots IP [2013-12-01]

Suspected Bot List [2013-12-11]

detection period: 2013-12-11 00:00-23:59 UTC
number of suspected bots' IPs listed here: 133

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
AR190.3.14.59Argentina
AR190.15.201.202Argentina
BO190.129.12.162Bolivia
DO190.94.63.166Dominican Republic
ES80.25.103.81Spain
GB77.246.20.2United Kingdom
GB94.12.42.121United Kingdom
GB193.164.207.16United Kingdom
IN117.239.29.114India
IN117.240.239.120India
IN202.63.105.226India
IN210.212.145.180India
KZ109.229.189.175Kazakhstan
LB213.175.188.158Lebanon
MX187.174.173.18Mexico
MX189.204.49.66Mexico
NO193.91.131.11Norway
PE200.31.105.172Peru
PK111.68.104.132Pakistan
PK115.186.59.70Pakistan
SA94.77.199.148Saudi Arabia
US50.201.42.106United States

List from greylisting:

Botnet Statistics [2013-12-11]

detection period: 2013-12-11 00:00-23:59 UTC
total number of suspected botnet IPs: 2425
number of botnet IPs notified to network operators: 2292
number of spam blocked: 75924
recipient count of spam blocked: 2520268

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET884
2CHINANET-GD525
3UNICOM-GD133
4CHINANET-ZJ-NB43
5UNICOM-LN25
6SINGNET-SG21
7PSYCHZ-NETWORKS21
8CHINANET-FJ20
9CHINANET-JX12
10CHINANET-JS12

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China893
2Taiwan892
3United States88
4India42
5France37
6Russian Federation31
7Singapore27
8Brazil26
9Hong Kong24
10Indonesia21

Wednesday, December 11, 2013

Suspected Bot List [2013-12-10]

detection period: 2013-12-10 00:00-23:59 UTC
number of suspected bots' IPs listed here: 80

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
AR190.3.14.59Argentina
AR190.15.201.202Argentina
BO190.129.12.162Bolivia
DO190.94.63.166Dominican Republic
GB94.12.42.121United Kingdom
GB193.164.207.16United Kingdom
HN190.107.140.76Honduras
IN117.239.29.114India
IN117.240.239.120India
IN202.63.105.226India
IN210.212.145.180India
KZ109.229.189.175Kazakhstan
LB213.175.188.158Lebanon
MX187.174.173.18Mexico
MX189.204.49.66Mexico
NO193.91.131.11Norway
PE200.31.105.172Peru
PK111.68.104.132Pakistan
PK115.186.59.70Pakistan
SA94.77.199.148Saudi Arabia
US50.201.42.106United States

List from greylisting:

Botnet Statistics [2013-12-10]

detection period: 2013-12-10 00:00-23:59 UTC
total number of suspected botnet IPs: 2005
number of botnet IPs notified to network operators: 1925
number of spam blocked: 75292
recipient count of spam blocked: 2425951

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET869
2CHINANET-GD388
3UNICOM-GD184
4CHINANET-ZJ-NB40
5ZTWL25
6UNICOM-LN24
7CTTNET18
8UNICOM-HE13
9CHINANET-FJ12
10PE-TPSA-LACNIC8

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1Taiwan876
2China816
3United States44
4Brazil25
5Russian Federation19
6Argentina17
7Peru14
8Ukraine11
9India11
10Israel11

Tuesday, December 10, 2013

Suspected Bot List [2013-12-09]

detection period: 2013-12-09 00:00-23:59 UTC
number of suspected bots' IPs listed here: 259

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
AR190.3.14.59Argentina
AR190.15.201.202Argentina
BO190.129.12.162Bolivia
DO190.94.63.166Dominican Republic
GB77.246.20.2United Kingdom
GB94.12.42.121United Kingdom
GB193.164.207.16United Kingdom
HN190.107.140.76Honduras
IN117.239.29.114India
IN117.240.239.120India
IN202.63.105.226India
IN210.212.145.180India
IR94.183.223.16Iran
KZ109.229.189.175Kazakhstan
LB213.175.188.158Lebanon
MX187.174.173.18Mexico
MX189.204.49.66Mexico
PE200.31.105.172Peru
PK111.68.104.132Pakistan
SA94.77.199.148Saudi Arabia
SK93.184.71.66Slovakia
US50.201.42.106United States

List from greylisting:

Botnet Statistics [2013-12-09]

detection period: 2013-12-09 00:00-23:59 UTC
total number of suspected botnet IPs: 2341
number of botnet IPs notified to network operators: 2082
number of spam blocked: 80060
recipient count of spam blocked: 2604447

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET889
2CHINANET-GD234
3UNICOM-GD186
4CHINANET-ZJ-NB37
5UNICOM-LN26
6CTTNET18
7ZTWL16
8CHINANET-FJ16
9CO-CTSE-LACNIC13
10UNICOM-HE12

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1Taiwan893
2China677
3United States82
4India60
5Brazil41
6France33
7United Kingdom32
8Spain30
9Colombia30
10Argentina30

Monday, December 9, 2013

Suspected Bot List [2013-12-08]

detection period: 2013-12-08 00:00-23:59 UTC
number of suspected bots' IPs listed here: 163

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
AR190.3.14.59Argentina
AR190.15.201.202Argentina
BO190.129.12.162Bolivia
DO190.94.63.166Dominican Republic
GB77.246.20.2United Kingdom
GB94.12.42.121United Kingdom
GB193.164.207.16United Kingdom
HN190.107.140.76Honduras
IN117.240.239.120India
IN202.63.105.226India
IN210.212.145.180India
IR94.183.223.16Iran
KZ109.229.189.175Kazakhstan
LB213.175.188.158Lebanon
MX187.174.173.18Mexico
MX189.204.49.66Mexico
PE200.31.105.172Peru
PE200.37.197.148Peru
PK111.68.104.132Pakistan
PK115.186.59.70Pakistan
SA94.77.199.148Saudi Arabia
SK93.184.71.66Slovakia
US50.201.42.106United States

List from greylisting:

Botnet Statistics [2013-12-08]

detection period: 2013-12-08 00:00-23:59 UTC
total number of suspected botnet IPs: 2142
number of botnet IPs notified to network operators: 1979
number of spam blocked: 78034
recipient count of spam blocked: 2548888

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET855
2CHINANET-GD408
3UNICOM-GD170
4CHINANET-ZJ-NB36
5UNICOM-LN25
6ZTWL19
7JAZZTEL-TRIPLEPLAY12
8UNICOM-HE11
9CHINANET-JS11
10AR-CASA10-LACNIC11

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1Taiwan862
2China796
3United States46
4Argentina29
5Brazil27
6Spain25
7Russian Federation24
8Romania24
9Iran23
10Italy20

Sunday, December 8, 2013

Suspected Bot List [2013-12-07]

detection period: 2013-12-07 00:00-23:59 UTC
number of suspected bots' IPs listed here: 170

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
AR190.3.14.59Argentina
AR190.15.201.202Argentina
BO190.129.12.162Bolivia
DO190.94.63.166Dominican Republic
GB77.246.20.2United Kingdom
GB193.164.207.16United Kingdom
IN117.240.239.120India
IN202.63.105.226India
IN210.212.145.180India
IR91.98.117.28Iran
IT217.133.6.218Italy
KZ109.229.189.175Kazakhstan
LB213.175.188.158Lebanon
MX187.174.173.18Mexico
MX189.204.49.66Mexico
PE200.31.105.172Peru
PE200.37.197.148Peru
PK111.68.104.132Pakistan
PK115.186.59.70Pakistan
SA94.77.199.148Saudi Arabia
SK93.184.71.66Slovakia
US50.201.42.106United States

List from greylisting:

Botnet Statistics [2013-12-07]

detection period: 2013-12-07 00:00-23:59 UTC
total number of suspected botnet IPs: 1934
number of botnet IPs notified to network operators: 1764
number of spam blocked: 75685
recipient count of spam blocked: 2474919

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET839
2CHINANET-GD381
3CHINANET-ZJ-NB86
4UNICOM-LN25
5UNICOM-HE11
6CO-EPME1-LACNIC10
7CHINANET-JS10
8AR-CASA10-LACNIC9
9002.558.157/0001-629
10SHARKTECH8

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1Taiwan849
2China608
3United States45
4Brazil36
5Argentina27
6Colombia24
7Iran21
8United Kingdom21
9Russian Federation18
10Mexico18

Saturday, December 7, 2013

Suspected Bot List [2013-12-06]

detection period: 2013-12-06 00:00-23:59 UTC
number of suspected bots' IPs listed here: 262

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
AR190.3.14.59Argentina
AR190.15.201.202Argentina
BO190.129.12.162Bolivia
DO190.94.63.166Dominican Republic
GB77.246.20.2United Kingdom
GB193.164.207.16United Kingdom
IN117.240.239.120India
IN202.63.105.226India
IN210.212.145.180India
IR91.98.117.28Iran
IT217.133.6.218Italy
KZ109.229.189.175Kazakhstan
LB213.175.188.158Lebanon
MX187.174.173.18Mexico
MX189.204.49.66Mexico
PE181.67.125.202Peru
PE200.31.105.172Peru
PE200.37.197.148Peru
PK111.68.104.132Pakistan
PK115.186.59.70Pakistan
SA94.77.199.148Saudi Arabia
US50.201.42.106United States

List from greylisting: