Custom Search

Thursday, October 31, 2013

Suspected Bot List [2013-10-30]

detection period: 2013-10-30 00:00-23:59 UTC
number of suspected bots' IPs listed here: 352

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
AR190.15.201.202Argentina
AR200.41.181.170Argentina
AR200.55.57.214Argentina
CA70.38.64.167Canada
CM41.202.206.53Cameroon
CN150.255.104.90China
CN150.255.175.63China
GB77.246.20.2United Kingdom
GB193.164.207.16United Kingdom
HN190.107.140.77Honduras
IN59.93.129.241India
IN117.203.140.123India
IN117.240.239.120India
IN122.183.99.146India
IN182.73.111.162India
IN202.63.105.226India
IQ86.111.144.194Iraq
IR94.183.223.16Iran
IR193.19.145.195Iran
KZ109.229.189.175Kazakhstan
LB213.175.188.158Lebanon
MO60.246.134.251Macau
MO60.246.146.143Macau
MX187.174.173.18Mexico
MX189.204.49.66Mexico
MY203.142.53.200Malaysia
NP202.79.52.53Nepal
PE190.187.168.186Peru
PE200.31.105.172Peru
PE200.37.197.148Peru
PK111.68.104.155Pakistan
PK115.186.59.70Pakistan
PK124.109.47.66Pakistan
SA94.77.199.148Saudi Arabia
SG112.140.184.245Singapore
SK62.197.209.93Slovakia
TW115.165.226.35Taiwan
TW119.77.206.197Taiwan
UA109.251.115.24Ukraine
US24.101.120.44United States
US69.64.36.109United States
US74.222.3.249United States
US192.30.87.242United States
US209.239.112.104United States
ZW41.220.28.138Zimbabwe

List from greylisting:

Botnet Statistics [2013-10-30]

detection period: 2013-10-30 00:00-23:59 UTC
total number of suspected botnet IPs: 4288
number of botnet IPs notified to network operators: 3936
number of spam blocked: 101564
recipient count of spam blocked: 3216131

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET893
2CMNET355
3CRTC234
4CHINANET-GD164
5CTTNET148
6UNICOM-SD111
7UNICOM-LN96
8UNICOM-HE78
9UNICOM-HL62
10UNICOM-HA58

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China2205
2Taiwan923
3United States216
4Brazil64
5Italy58
6Spain43
7Argentina43
8Mexico41
9United Kingdom38
10Russian Federation37

Wednesday, October 30, 2013

Suspected Bot List [2013-10-29]

detection period: 2013-10-29 00:00-23:59 UTC
number of suspected bots' IPs listed here: 134

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
AL213.207.41.34Albania
CA70.38.64.167Canada
GB77.246.20.2United Kingdom
GB193.164.207.16United Kingdom
HN190.107.140.77Honduras
IN117.239.29.114India
IN117.240.239.120India
IN122.183.99.146India
IN202.63.105.226India
IQ86.111.144.194Iraq
IR94.183.223.16Iran
KZ109.229.189.175Kazakhstan
MX189.204.49.66Mexico
NP202.79.52.53Nepal
PE190.187.168.186Peru
PE200.31.105.172Peru
PE200.37.197.148Peru
PK115.186.59.70Pakistan
PK124.109.47.66Pakistan
SA94.77.199.148Saudi Arabia
SK62.197.209.93Slovakia
TR82.222.189.43Turkey
TW211.76.90.150Taiwan
US24.101.120.44United States
US50.159.67.200United States
US74.222.3.249United States
US209.239.112.104United States

List from greylisting:

Botnet Statistics [2013-10-29]

detection period: 2013-10-29 00:00-23:59 UTC
total number of suspected botnet IPs: 2363
number of botnet IPs notified to network operators: 2232
number of spam blocked: 96298
recipient count of spam blocked: 3162814

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET826
2CHINANET-GD143
3CMNET119
4CRTC76
5UNICOM-LN46
6UNICOM-GD40
7CHINANET-FJ38
8CTTNET37
9UNICOM-HE31
10UNICOM-SD29

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China967
2Taiwan840
3United States98
4Brazil38
5Russian Federation30
6Canada25
7Italy23
8United Kingdom23
9India21
10Mexico18

Tuesday, October 29, 2013

Suspected Bot List [2013-10-28]

detection period: 2013-10-28 00:00-23:59 UTC
number of suspected bots' IPs listed here: 300

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
AL213.207.41.34Albania
AR190.14.170.249Argentina
AR200.55.57.214Argentina
CA70.38.64.167Canada
GB77.246.20.2United Kingdom
GB193.164.207.16United Kingdom
IN117.239.29.114India
IN117.240.239.120India
IN122.183.99.146India
IN202.63.105.226India
IR82.99.246.10Iran
IR94.183.223.16Iran
MX189.204.49.66Mexico
MX189.204.49.77Mexico
PE190.187.168.186Peru
PE200.31.105.172Peru
PE200.37.197.148Peru
PK115.186.59.70Pakistan
PK124.109.47.66Pakistan
SA94.77.199.148Saudi Arabia
SK62.197.209.93Slovakia
TR82.222.189.43Turkey
US24.101.120.44United States
US50.159.67.200United States
US74.222.3.249United States
US209.239.112.104United States

List from greylisting:

Botnet Statistics [2013-10-28]

detection period: 2013-10-28 00:00-23:59 UTC
total number of suspected botnet IPs: 2212
number of botnet IPs notified to network operators: 1912
number of spam blocked: 88513
recipient count of spam blocked: 2961382

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET777
2CHINANET-GD125
3CHINANET-JS51
4CHINANET-FJ42
5CMNET32
6UNICOM-LN30
7CHINANET-AH30
8CTTNET25
9UNICOM-HE21
10CHINANET-JX20

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1Taiwan787
2China580
3United States115
4Brazil59
5Spain56
6Argentina44
7Italy34
8Germany33
9Colombia33
10Peru29

Monday, October 28, 2013

Suspected Bot List [2013-10-27]

detection period: 2013-10-27 00:00-23:59 UTC
number of suspected bots' IPs listed here: 179

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
AL213.207.41.34Albania
AR190.14.170.249Argentina
AR190.15.201.202Argentina
AR200.55.57.214Argentina
CA70.38.64.167Canada
GB77.246.20.2United Kingdom
GB193.164.207.16United Kingdom
HN190.107.140.77Honduras
IN117.239.29.114India
IN117.240.239.120India
IN122.183.99.146India
IN202.63.105.226India
IR82.99.246.10Iran
IR94.183.223.16Iran
MX187.174.173.18Mexico
MY203.142.53.200Malaysia
PE190.187.168.186Peru
PE200.31.105.172Peru
PE200.37.197.148Peru
PK124.109.47.66Pakistan
SA94.77.199.148Saudi Arabia
SK62.197.209.93Slovakia
TR82.222.189.43Turkey
US24.101.120.44United States
US74.222.3.249United States

List from greylisting:

Botnet Statistics [2013-10-27]

detection period: 2013-10-27 00:00-23:59 UTC
total number of suspected botnet IPs: 1752
number of botnet IPs notified to network operators: 1573
number of spam blocked: 84480
recipient count of spam blocked: 2876145

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET762
2CHINANET-JS93
3CHINANET-GD92
4CHINANET-FJ52
5CTTNET38
6UNICOM-LN29
7CMNET20
8CHINANET-AH20
9UNICOM-GD13
10UNICOM-HE12

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1Taiwan771
2China504
3United States50
4Brazil42
5Russian Federation27
6Iran23
7Colombia23
8Peru22
9Argentina21
10Mexico16

Sunday, October 27, 2013

Suspected Bot List [2013-10-26]

detection period: 2013-10-26 00:00-23:59 UTC
number of suspected bots' IPs listed here: 285

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
AL213.207.41.34Albania
AR190.14.170.249Argentina
AR190.15.201.202Argentina
AR200.55.57.214Argentina
CA70.38.64.167Canada
GB77.246.20.2United Kingdom
GB193.164.207.16United Kingdom
HN190.107.140.77Honduras
IN117.239.29.114India
IN117.240.239.120India
IN122.183.99.146India
IN182.73.111.162India
IN202.63.105.226India
IR82.99.246.10Iran
IR94.183.223.16Iran
MX187.174.173.18Mexico
MX189.204.49.66Mexico
MX189.204.49.77Mexico
MY203.142.53.200Malaysia
PE190.187.168.186Peru
PE200.31.105.172Peru
PE200.37.197.148Peru
PE201.230.214.190Peru
SA94.77.199.148Saudi Arabia
SK62.197.209.93Slovakia
TR82.222.189.43Turkey
UA109.251.115.24Ukraine
US24.101.120.44United States
US74.222.3.249United States

List from greylisting:

Botnet Statistics [2013-10-26]

detection period: 2013-10-26 00:00-23:59 UTC
total number of suspected botnet IPs: 1826
number of botnet IPs notified to network operators: 1541
number of spam blocked: 69253
recipient count of spam blocked: 2479998

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET521
2CHINANET-GD129
3CTTNET44
4CHINANET-FJ37
5UNICOM-LN29
6PE-TPSA-LACNIC17
7CHINANET-JS17
8UNICOM-GD16
9UNICOM-HE12
10CO-CTSE-LACNIC12

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1Taiwan529
2China486
3United States172
4Argentina44
5Peru40
6Brazil38
7Spain35
8Colombia31
9United Kingdom30
10Canada29

Saturday, October 26, 2013

Suspected Bot List [2013-10-25]

detection period: 2013-10-25 00:00-23:59 UTC
number of suspected bots' IPs listed here: 318

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
AL213.207.41.34Albania
AO196.223.13.230Angola
AR190.14.170.249Argentina
AR190.15.201.202Argentina
AR200.55.57.214Argentina
CA70.38.64.167Canada
CM41.202.206.53Cameroon
CR201.195.100.83Costa Rica
GB77.246.20.2United Kingdom
GB193.164.207.16United Kingdom
HN190.107.140.77Honduras
IN117.240.239.120India
IN122.183.99.146India
IN182.73.111.162India
IN202.63.105.226India
IQ86.111.144.194Iraq
IR82.99.246.10Iran
IR94.183.223.16Iran
MX187.174.173.18Mexico
MX189.204.49.66Mexico
MX189.204.49.77Mexico
MX200.52.182.236Mexico
MY203.142.53.200Malaysia
NP202.79.52.53Nepal
PE190.187.168.186Peru
PE190.223.178.142Peru
PE200.31.105.172Peru
PE200.37.197.148Peru
PE201.230.214.190Peru
SA94.77.199.148Saudi Arabia
SK62.197.209.93Slovakia
TR82.222.189.43Turkey
UA109.251.115.24Ukraine
US24.101.120.44United States
US74.222.3.249United States

List from greylisting:

Botnet Statistics [2013-10-25]

detection period: 2013-10-25 00:00-23:59 UTC
total number of suspected botnet IPs: 2401
number of botnet IPs notified to network operators: 2088
number of spam blocked: 91641
recipient count of spam blocked: 2956492

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET779
2CHINANET-GD162
3CHINANET-FJ41
4CTTNET35
5UNICOM-LN33
6CBC-CM-428
7CHINANET-JS20
8UNICOM-GD16
9UNICOM-HE14
10PE-TPSA-LACNIC14

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1Taiwan788
2China540
3United States349
4Brazil49
5Spain39
6Peru36
7Canada35
8Argentina33
9Italy31
10Mexico30

Friday, October 25, 2013

Suspected Bot List [2013-10-24]

detection period: 2013-10-24 00:00-23:59 UTC
number of suspected bots' IPs listed here: 366

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
AL213.207.41.34Albania
AO196.223.13.230Angola
AR190.15.201.202Argentina
AR200.41.181.170Argentina
CM41.202.206.53Cameroon
CR201.195.100.83Costa Rica
GB77.246.20.2United Kingdom
GB193.164.207.16United Kingdom
HN190.107.140.77Honduras
IN117.240.239.120India
IN122.183.99.146India
IN182.73.111.162India
IN202.63.105.226India
IQ86.111.144.194Iraq
IR82.99.246.10Iran
IR94.183.223.16Iran
MX187.174.173.18Mexico
MX189.204.49.66Mexico
MX200.52.182.236Mexico
NP202.79.52.53Nepal
PE190.187.168.186Peru
PE190.223.178.142Peru
PE200.31.105.172Peru
PH119.92.60.115Philippines
PK115.186.59.70Pakistan
SA94.77.199.148Saudi Arabia
SK62.197.209.93Slovakia
TR82.222.189.43Turkey
UA109.251.115.24Ukraine
US24.101.120.44United States
US74.222.3.249United States

List from greylisting:

Botnet Statistics [2013-10-24]

detection period: 2013-10-24 00:00-23:59 UTC
total number of suspected botnet IPs: 2309
number of botnet IPs notified to network operators: 1950
number of spam blocked: 95637
recipient count of spam blocked: 2965076

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET817
2CHINANET-GD115
3CMNET31
4CTTNET28
5UNICOM-LN27
6CHINANET-FJ27
7CHINANET-JX19
8PE-TPSA-LACNIC18
9CHINANET-JS18
10UNICOM-GD16

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1Taiwan826
2China487
3United States204
4Italy51
5Peru49
6Colombia46
7Argentina46
8United Kingdom43
9Brazil41
10Spain39

Thursday, October 24, 2013

Suspected Bot List [2013-10-23]

detection period: 2013-10-23 00:00-23:59 UTC
number of suspected bots' IPs listed here: 415

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
AL213.207.41.34Albania
AO196.223.13.230Angola
CM41.202.206.53Cameroon
GB77.246.20.2United Kingdom
GB193.164.207.16United Kingdom
HN190.107.140.77Honduras
IN117.240.239.120India
IN122.183.99.146India
IN182.73.111.162India
IN202.63.105.226India
IR82.99.246.10Iran
IR94.183.223.16Iran
MX187.174.173.18Mexico
MX189.204.49.66Mexico
NP202.79.52.53Nepal
PE190.187.168.186Peru
PE190.223.178.142Peru
PE190.233.73.68Peru
PE200.31.105.172Peru
PH119.92.60.115Philippines
PK115.186.59.70Pakistan
SA94.77.199.148Saudi Arabia
SK62.197.209.93Slovakia
SN41.208.150.116Senegal
TR82.222.189.43Turkey
UA109.251.115.24Ukraine
US24.101.120.44United States
US64.182.4.63United States
US74.222.3.249United States

List from greylisting:

Botnet Statistics [2013-10-23]

detection period: 2013-10-23 00:00-23:59 UTC
total number of suspected botnet IPs: 2578
number of botnet IPs notified to network operators: 2165
number of spam blocked: 119594
recipient count of spam blocked: 3301715

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET717
2CHINANET-GD155
3UNICOM-GD109
4CTTNET40
5CHINANET-FJ39
6CMNET30
7UNICOM-LN27
8CHINANET-JS18
9ZTWL17
10CHINANET-JX17

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1Taiwan728
2China702
3United States190
4United Kingdom80
5Italy58
6Brazil54
7Argentina52
8Colombia50
9Spain48
10Mexico45

Wednesday, October 23, 2013

Suspected Bot List [2013-10-22]

detection period: 2013-10-22 00:00-23:59 UTC
number of suspected bots' IPs listed here: 454

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
AL213.207.41.34Albania
AR190.15.201.202Argentina
GB77.246.20.2United Kingdom
GB193.164.207.16United Kingdom
HN190.107.140.77Honduras
IN117.240.239.120India
IN122.183.99.146India
IN182.73.111.162India
IN202.63.105.226India
IR82.99.246.10Iran
IR94.183.223.16Iran
MX187.174.173.18Mexico
MX189.204.49.66Mexico
PE190.187.168.186Peru
PE190.223.178.142Peru
PE200.31.105.172Peru
PK115.186.59.70Pakistan
SA94.77.199.148Saudi Arabia
SK62.197.209.93Slovakia
TR82.222.189.43Turkey
UA109.251.115.24Ukraine
US24.101.120.44United States
US74.222.3.249United States

List from greylisting:

Botnet Statistics [2013-10-22]

detection period: 2013-10-22 00:00-23:59 UTC
total number of suspected botnet IPs: 3255
number of botnet IPs notified to network operators: 2803
number of spam blocked: 105231
recipient count of spam blocked: 3569259

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET849
2UNICOM-GD140
3CHINANET-GD123
4SINGNET-SG40
5CHINANET-FJ32
6CHINANET-GX31
7VNPT-VNNIC-VN26
8CMNET25
9BHARTI-IN23
10ZTWL22

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1Taiwan862
2China711
3United States347
4India77
5Italy69
6Singapore61
7Hong Kong61
8Argentina60
9United Kingdom58
10Australia53

Tuesday, October 22, 2013

Suspected Bot List [2013-10-21]

detection period: 2013-10-21 00:00-23:59 UTC
number of suspected bots' IPs listed here: 426

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
AR190.15.201.202Argentina
GB77.246.20.2United Kingdom
GB193.164.207.16United Kingdom
HN190.107.140.77Honduras
IN117.239.29.114India
IN117.240.239.120India
IN122.183.99.146India
IN182.73.111.162India
IN202.63.105.226India
IR82.99.246.10Iran
IR94.183.223.16Iran
MX187.174.173.18Mexico
MX189.204.49.66Mexico
MX189.204.49.77Mexico
MY203.142.53.200Malaysia
PE190.187.168.186Peru
PE190.223.178.142Peru
PE200.31.105.172Peru
PE200.37.197.148Peru
PK115.186.59.70Pakistan
SA94.77.199.148Saudi Arabia
SK62.197.209.93Slovakia
TR82.222.189.43Turkey
UA109.251.115.24Ukraine
US24.101.120.44United States
US74.222.3.249United States

List from greylisting:

Botnet Statistics [2013-10-21]

detection period: 2013-10-21 00:00-23:59 UTC
total number of suspected botnet IPs: 2839
number of botnet IPs notified to network operators: 2411
number of spam blocked: 136602
recipient count of spam blocked: 4162715

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET944
2UNICOM-GD190
3CHINANET-GD119
4KORNET-KR33
5CMNET33
6CHINANET-FJ33
7UNICOM-LN32
8SHENZHEN-CNC29
9ZTWL28
10CHINANET-GX20

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1Taiwan954
2China707
3United States245
4United Kingdom79
5India60
6South Korea57
7Brazil53
8Spain45
9Mexico39
10Colombia38

Monday, October 21, 2013

Suspected Bot List [2013-10-20]

detection period: 2013-10-20 00:00-23:59 UTC
number of suspected bots' IPs listed here: 79

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
GB77.246.20.2United Kingdom
GB193.164.207.16United Kingdom
HN190.107.140.77Honduras
IN117.240.239.120India
IN122.183.99.146India
IN182.73.111.162India
IN202.63.105.226India
IR82.99.246.10Iran
IR91.98.117.30Iran
IR94.183.223.16Iran
MX187.174.173.18Mexico
MX189.204.49.66Mexico
MX189.204.49.77Mexico
PE190.187.168.186Peru
PE190.223.178.142Peru
PE200.31.105.172Peru
PE200.37.197.148Peru
PK115.186.59.70Pakistan
SA94.77.199.148Saudi Arabia
SK62.197.209.93Slovakia
TR82.222.189.43Turkey
UA109.251.115.24Ukraine
US24.101.120.44United States
US74.222.3.249United States

List from greylisting:

Botnet Statistics [2013-10-20]

detection period: 2013-10-20 00:00-23:59 UTC
total number of suspected botnet IPs: 2188
number of botnet IPs notified to network operators: 2109
number of spam blocked: 127802
recipient count of spam blocked: 4311932

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET937
2CHINANET-GD236
3UNICOM-GD178
4CHINANET-SH109
5CHINANET-FJ32
6ZTWL31
7UNICOM-LN31
8SHENZHEN-CNC26
9CTTNET24
10CMNET20

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1Taiwan944
2China913
3United States41
4Brazil39
5Russian Federation29
6South Korea17
7Iran14
8United Kingdom10
9Peru9
10Thailand8

Sunday, October 20, 2013

Suspected Bot List [2013-10-19]

detection period: 2013-10-19 00:00-23:59 UTC
number of suspected bots' IPs listed here: 53

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
AR190.14.170.249Argentina
AR190.15.201.202Argentina
GB77.246.20.2United Kingdom
GB193.164.207.16United Kingdom
HN190.107.140.77Honduras
IN117.239.29.114India
IN117.240.239.120India
IN122.180.96.110India
IN122.183.99.146India
IN182.73.111.162India
IN202.63.105.226India
IR82.99.246.10Iran
IR91.98.117.30Iran
IR94.183.223.16Iran
MV202.21.182.12Republic of Maldives
MX187.174.173.18Mexico
MX189.204.49.66Mexico
MX189.204.49.77Mexico
PE190.187.168.186Peru
PE190.223.178.142Peru
PE200.31.105.172Peru
PE200.37.197.148Peru
PK115.186.59.70Pakistan
PK124.109.47.66Pakistan
SA94.77.199.148Saudi Arabia
SK62.197.209.93Slovakia
TR82.222.189.43Turkey
UA109.251.115.24Ukraine
US24.101.120.44United States
US74.222.3.249United States

List from greylisting:

Botnet Statistics [2013-10-19]

detection period: 2013-10-19 00:00-23:59 UTC
total number of suspected botnet IPs: 2112
number of botnet IPs notified to network operators: 2059
number of spam blocked: 125561
recipient count of spam blocked: 4276086

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET961
2CHINANET-GD255
3UNICOM-GD145
4CHINANET-SH109
5CHINANET-FJ41
6UNICOM-LN33
7CTTNET21
8SHENZHEN-CNC17
9CMNET17
10CHINANET-GX17

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1Taiwan972
2China850
3United States37
4Brazil36
5Russian Federation26
6Iran14
7Japan13
8United Kingdom11
9Thailand10
10India10

Saturday, October 19, 2013

Suspected Bot List [2013-10-18]

detection period: 2013-10-18 00:00-23:59 UTC
number of suspected bots' IPs listed here: 235

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
AO41.63.166.3Angola
AR190.14.170.249Argentina
AR190.15.201.202Argentina
AR200.55.57.214Argentina
GB77.246.20.2United Kingdom
GB193.164.207.16United Kingdom
HN190.107.140.77Honduras
IN117.239.29.114India
IN117.240.239.120India
IN122.180.96.110India
IN122.183.99.146India
IN182.73.111.162India
IN202.63.105.226India
IR91.98.117.30Iran
IR94.183.223.16Iran
MV202.21.182.12Republic of Maldives
MX187.174.173.18Mexico
MX189.204.49.66Mexico
MY203.142.53.200Malaysia
PE190.223.178.142Peru
PE200.31.105.172Peru
PE200.37.197.148Peru
PK115.186.59.70Pakistan
PK124.109.47.66Pakistan
SA94.77.199.148Saudi Arabia
SK62.197.209.93Slovakia
TR82.222.189.43Turkey
UA109.251.115.24Ukraine
US24.101.120.44United States
US74.222.3.249United States

List from greylisting:

Botnet Statistics [2013-10-18]

detection period: 2013-10-18 00:00-23:59 UTC
total number of suspected botnet IPs: 2709
number of botnet IPs notified to network operators: 2474
number of spam blocked: 113575
recipient count of spam blocked: 3727710

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET964
2CHINANET-GD213
3UNICOM-GD176
4CHINANET-SH84
5CHINANET-FJ48
6UNICOM-LN37
7ZTWL35
8CMNET28
9SHENZHEN-CNC27
10CHINANET-AH26

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1Taiwan978
2China937
3United States165
4United Kingdom54
5Brazil42
6India36
7Hong Kong29
8Russian Federation28
9Australia26
10Canada23

Friday, October 18, 2013

Suspected Bot List [2013-10-17]

detection period: 2013-10-17 00:00-23:59 UTC
number of suspected bots' IPs listed here: 199

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
AR190.14.170.249Argentina
AR190.15.201.202Argentina
AR200.55.57.214Argentina
GB77.246.20.2United Kingdom
GB193.164.207.16United Kingdom
HN190.107.140.77Honduras
IN61.12.113.99India
IN117.240.239.120India
IN122.180.96.110India
IN122.183.99.146India
IN182.73.111.162India
IN202.63.105.226India
IR94.183.223.16Iran
ME46.161.87.19Montenegro
MX187.174.173.18Mexico
MX189.204.49.66Mexico
MX189.204.49.77Mexico
PE190.187.168.186Peru
PE190.223.178.142Peru
PE190.232.218.134Peru
PE200.31.105.172Peru
PE200.37.197.148Peru
PH124.107.172.131Philippines
PK115.186.59.70Pakistan
PK124.109.47.66Pakistan
SA94.77.199.148Saudi Arabia
SK62.197.209.93Slovakia
TR82.222.189.43Turkey
TW211.76.93.183Taiwan
UA109.251.115.24Ukraine
US24.101.120.44United States
US50.159.67.200United States
US69.64.61.251United States
US74.222.3.249United States

List from greylisting:

Botnet Statistics [2013-10-17]

detection period: 2013-10-17 00:00-23:59 UTC
total number of suspected botnet IPs: 3011
number of botnet IPs notified to network operators: 2812
number of spam blocked: 118491
recipient count of spam blocked: 3972515

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET1049
2CHINANET-GD214
3UNICOM-GD129
4CHINANET-SH90
5CMNET76
6CHINANET-AH41
7CHINANET-FJ40
8CTTNET39
9UNICOM-LN32
10CRTC26

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1Taiwan1064
2China965
3United States303
4United Kingdom49
5Brazil48
6Russian Federation38
7Australia35
8India27
9Mexico24
10South Korea24

Thursday, October 17, 2013

Suspected Bot List [2013-10-16]

detection period: 2013-10-16 00:00-23:59 UTC
number of suspected bots' IPs listed here: 327

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
AR190.15.201.202Argentina
AR200.55.57.214Argentina
GB77.246.20.2United Kingdom
GB193.164.207.16United Kingdom
HN190.107.140.77Honduras
IN117.240.239.120India
IN122.183.99.146India
IN182.73.111.162India
IN202.63.105.226India
IR85.9.73.68Iran
IR94.183.223.16Iran
MX187.174.173.18Mexico
MX189.204.49.66Mexico
MX189.204.49.77Mexico
PE190.187.168.186Peru
PE190.223.178.142Peru
PE190.232.218.134Peru
PE200.31.105.172Peru
PE200.37.197.148Peru
PK115.186.59.70Pakistan
PK124.109.47.66Pakistan
SA94.77.199.148Saudi Arabia
TR82.222.189.43Turkey
UA109.251.115.24Ukraine
US24.101.120.44United States
US50.159.67.200United States
US74.222.3.249United States

List from greylisting:

Botnet Statistics [2013-10-16]

detection period: 2013-10-16 00:00-23:59 UTC
total number of suspected botnet IPs: 3243
number of botnet IPs notified to network operators: 2916
number of spam blocked: 115951
recipient count of spam blocked: 3874890

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET1039
2CHINANET-GD126
3CHINANET-SH118
4UNICOM-GD75
5CTTNET39
6CHINANET-AH36
7CHINANET-FJ33
8UNICOM-LN32
9CBC-CM-427
10KORNET-KR22

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1Taiwan1052
2China703
3United States450
4United Kingdom74
5Australia72
6Brazil54
7South Korea46
8Canada45
9Japan43
10Peru40

Wednesday, October 16, 2013

Suspected Bot List [2013-10-15]

detection period: 2013-10-15 00:00-23:59 UTC
number of suspected bots' IPs listed here: 580

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
AR190.15.201.202Argentina
AR200.55.57.214Argentina
GB77.246.20.2United Kingdom
GB193.164.207.16United Kingdom
HN190.107.140.77Honduras
IN117.239.29.114India
IN117.240.239.120India
IN122.183.99.146India
IN182.73.111.162India
IN202.63.105.226India
IR85.9.73.68Iran
IR91.98.117.30Iran
MX187.174.173.18Mexico
MX189.204.49.66Mexico
MX189.204.49.77Mexico
PE190.187.168.186Peru
PE190.223.178.142Peru
PE200.31.105.172Peru
PE200.37.197.148Peru
PK115.186.59.70Pakistan
PK124.109.47.66Pakistan
SA94.77.199.148Saudi Arabia
SK62.197.209.93Slovakia
TR82.222.189.43Turkey
UA109.251.115.24Ukraine
US24.101.120.44United States
US50.159.67.200United States
US74.222.3.249United States

List from greylisting:

Botnet Statistics [2013-10-15]

detection period: 2013-10-15 00:00-23:59 UTC
total number of suspected botnet IPs: 3293
number of botnet IPs notified to network operators: 2713
number of spam blocked: 115933
recipient count of spam blocked: 3837364

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET847
2UNICOM-GD176
3CHINANET-GD141
4CHINANET-SH81
5CTTNET51
6CHINANET-FJ50
7CHINANET-AH39
8UNICOM-LN28
9SHENZHEN-CNC26
10UNICOM-FJ25

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1Taiwan861
2China834
3United States340
4United Kingdom85
5Argentina83
6Spain76
7Brazil74
8Mexico73
9India72
10Italy61

Tuesday, October 15, 2013

Suspected Bot List [2013-10-14]

detection period: 2013-10-14 00:00-23:59 UTC
number of suspected bots' IPs listed here: 383

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
AR190.15.201.202Argentina
AR200.55.57.214Argentina
GB77.246.20.2United Kingdom
GB193.164.207.16United Kingdom
HN190.107.140.77Honduras
IN117.239.29.114India
IN122.183.99.146India
IN182.73.111.162India
IN202.63.105.226India
IR85.9.73.68Iran
IR91.98.117.30Iran
IR94.183.223.16Iran
MX187.174.173.18Mexico
MX189.204.49.66Mexico
MX189.204.49.77Mexico
PE190.187.168.186Peru
PE190.223.178.142Peru
PE200.31.105.172Peru
PE200.37.197.148Peru
PK115.186.59.70Pakistan
PK124.109.47.66Pakistan
SA94.77.199.148Saudi Arabia
SK62.197.209.93Slovakia
TR82.222.189.43Turkey
UA109.251.115.24Ukraine
US24.101.120.44United States
US50.159.67.200United States
US74.222.3.249United States

List from greylisting:

Botnet Statistics [2013-10-14]

detection period: 2013-10-14 00:00-23:59 UTC
total number of suspected botnet IPs: 2700
number of botnet IPs notified to network operators: 2317
number of spam blocked: 114655
recipient count of spam blocked: 3813737

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET929
2UNICOM-GD177
3CHINANET-GD173
4CHINANET-SH66
5CTTNET48
6CHINANET-FJ42
7CMNET31
8SHENZHEN-CNC27
9UNICOM-LN26
10UNICOM-HE12

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1Taiwan945
2China777
3United States120
4Brazil58
5Spain57
6Italy55
7India47
8Iran46
9Argentina37
10Peru35

Monday, October 14, 2013

Suspected Bot List [2013-10-13]

detection period: 2013-10-13 00:00-23:59 UTC
number of suspected bots' IPs listed here: 239

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
AR190.15.201.202Argentina
AR200.55.57.214Argentina
GB77.246.20.2United Kingdom
GB193.164.207.16United Kingdom
HN190.107.140.77Honduras
IN122.183.99.146India
IN202.63.105.226India
IR85.9.73.68Iran
IR94.183.223.16Iran
MX187.174.173.18Mexico
MX189.204.49.66Mexico
MX189.204.49.77Mexico
MX200.92.57.205Mexico
PE190.187.168.186Peru
PE190.223.178.142Peru
PE200.31.105.172Peru
PE200.37.197.148Peru
PK124.109.47.66Pakistan
SA94.77.199.148Saudi Arabia
SK62.197.209.93Slovakia
TR82.222.189.43Turkey
UA109.251.115.24Ukraine
US24.101.120.44United States
US50.159.67.200United States
US74.222.3.249United States

List from greylisting:

Botnet Statistics [2013-10-13]

detection period: 2013-10-13 00:00-23:59 UTC
total number of suspected botnet IPs: 2326
number of botnet IPs notified to network operators: 2087
number of spam blocked: 95969
recipient count of spam blocked: 3207114

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET963
2CHINANET-GD159
3UNICOM-GD135
4CHINANET-FJ44
5CTTNET36
6UNICOM-LN26
7CHINANET-SH26
8CHINANET-JS18
9SHENZHEN-CNC17
10CMNET16

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1Taiwan971
2China661
3United States65
4Brazil55
5Spain49
6Argentina39
7Colombia31
8United Kingdom30
9Italy29
10Russian Federation24

Sunday, October 13, 2013

Suspected Bot List [2013-10-12]

detection period: 2013-10-12 00:00-23:59 UTC
number of suspected bots' IPs listed here: 51

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
AR190.15.201.202Argentina
AR190.181.113.5Argentina
AR200.55.57.214Argentina
GB77.246.20.2United Kingdom
GB193.164.207.16United Kingdom
HN190.107.140.77Honduras
IN117.239.29.114India
IN117.240.239.120India
IN122.183.99.146India
IN202.63.105.226India
IR94.183.223.16Iran
MX187.174.173.18Mexico
MX189.204.49.66Mexico
MX189.204.49.77Mexico
MX200.92.57.205Mexico
PE190.187.168.186Peru
PE190.223.178.142Peru
PE200.31.105.172Peru
PE200.37.197.148Peru
PK115.186.59.70Pakistan
PK124.109.47.66Pakistan
SA94.77.199.148Saudi Arabia
SK62.197.209.93Slovakia
TR82.222.189.43Turkey
UA109.251.115.24Ukraine
US24.101.120.44United States
US50.159.67.200United States
US74.222.3.249United States

List from greylisting:

Botnet Statistics [2013-10-12]

detection period: 2013-10-12 00:00-23:59 UTC
total number of suspected botnet IPs: 1808
number of botnet IPs notified to network operators: 1757
number of spam blocked: 77657
recipient count of spam blocked: 2540946

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET898
2UNICOM-GD174
3CHINANET-GD111
4CHINANET-FJ44
5CTTNET40
6UNICOM-LN29
7CHINANET-JS17
8GWBN-GUANGZHOU13
9ZTWL12
10CMNET12

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1Taiwan903
2China631
3United States40
4Brazil37
5Russian Federation24
6United Kingdom15
7Iran11
8Ukraine10
9South Korea9
10India8

Saturday, October 12, 2013

Suspected Bots' IP List for October 2013

To encourage cyber security information sharing (as some form of open data) while still giving victims enough time to clean up their computers, the IP list of suspected infected computers will be released here (as shown below) 10 days after its respective botnet statistics gets published.

You are free to use them to create more effective defenses, discover latest trends in cyber attacks, etc.

Suspected Bots IP [2013-10-01]
Suspected Bots IP [2013-10-02]
Suspected Bots IP [2013-10-03]
Suspected Bots IP [2013-10-04]
Suspected Bots IP [2013-10-05]
Suspected Bots IP [2013-10-06]
Suspected Bots IP [2013-10-07]
Suspected Bots IP [2013-10-08]
Suspected Bots IP [2013-10-09]
Suspected Bots IP [2013-10-10]
Suspected Bots IP [2013-10-11]
Suspected Bots IP [2013-10-12]
Suspected Bots IP [2013-10-13]
Suspected Bots IP [2013-10-14]
Suspected Bots IP [2013-10-15]
Suspected Bots IP [2013-10-16]
Suspected Bots IP [2013-10-17]
Suspected Bots IP [2013-10-18]
Suspected Bots IP [2013-10-19]
Suspected Bots IP [2013-10-20]
Suspected Bots IP [2013-10-21]
Suspected Bots IP [2013-10-22]
Suspected Bots IP [2013-10-23]
Suspected Bots IP [2013-10-24]
Suspected Bots IP [2013-10-25]
Suspected Bots IP [2013-10-26]
Suspected Bots IP [2013-10-27]
Suspected Bots IP [2013-10-28]
Suspected Bots IP [2013-10-29]
Suspected Bots IP [2013-10-30]
Suspected Bots IP [2013-10-31]

Suspected Bot List [2013-10-11]

detection period: 2013-10-11 00:00-23:59 UTC
number of suspected bots' IPs listed here: 247

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
AR190.14.170.249Argentina
AR190.15.201.202Argentina
AR190.181.113.2Argentina
AR190.181.113.5Argentina
AR200.55.57.214Argentina
GB77.246.20.2United Kingdom
GB193.164.207.16United Kingdom
GQ41.222.115.225Equatorial Guinea
HN190.107.140.77Honduras
IN117.239.29.114India
IN117.240.239.120India
IN122.183.99.146India
IN182.73.111.162India
IN202.63.105.226India
IR91.98.117.30Iran
IR94.183.223.16Iran
MX187.174.173.18Mexico
MX189.204.49.66Mexico
MX189.204.49.77Mexico
PE190.187.168.186Peru
PE200.31.105.172Peru
PE200.37.197.148Peru
PK115.186.59.70Pakistan
PK124.109.47.66Pakistan
SA94.77.199.148Saudi Arabia
TR82.222.189.43Turkey
UA109.251.115.24Ukraine
US24.101.120.44United States
US50.159.67.200United States
US74.222.3.249United States

List from greylisting:

Botnet Statistics [2013-10-11]

detection period: 2013-10-11 00:00-23:59 UTC
total number of suspected botnet IPs: 2297
number of botnet IPs notified to network operators: 2050
number of spam blocked: 86919
recipient count of spam blocked: 2938037

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET966
2UNICOM-GD164
3CHINANET-GD102
4CHINANET-FJ36
5CTTNET29
6UNICOM-LN26
7CMNET19
8UNICOM-HE12
9AR-CASA10-LACNIC12
10UNICOM-HA11

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1Taiwan975
2China583
3United States111
4Brazil53
5Argentina48
6India35
7United Kingdom29
8Russian Federation28
9Italy26
10Spain24

Friday, October 11, 2013

Suspected Bot List [2013-10-10]

detection period: 2013-10-10 00:00-23:59 UTC
number of suspected bots' IPs listed here: 658

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
AR190.14.170.249Argentina
AR190.15.201.202Argentina
AR190.181.113.2Argentina
AR200.55.57.214Argentina
GB77.246.20.2United Kingdom
GB193.164.207.16United Kingdom
HN190.107.140.77Honduras
IN117.240.239.120India
IN122.183.99.146India
IN182.73.111.162India
IN202.63.105.226India
IR85.9.73.68Iran
IR91.98.117.30Iran
IR94.183.223.16Iran
MX187.174.173.18Mexico
MX189.204.49.66Mexico
MX189.204.49.77Mexico
PE190.187.168.186Peru
PE200.31.105.172Peru
PE200.37.197.148Peru
SA94.77.199.148Saudi Arabia
SK62.197.209.93Slovakia
TR82.222.189.43Turkey
UA109.251.115.24Ukraine
US50.159.67.200United States
US74.222.3.249United States
US204.152.219.119United States

List from greylisting:

Botnet Statistics [2013-10-10]

detection period: 2013-10-10 00:00-23:59 UTC
total number of suspected botnet IPs: 4235
number of botnet IPs notified to network operators: 3577
number of spam blocked: 86643
recipient count of spam blocked: 2910612

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET991
2CHINANET-JS820
3UNICOM-GD184
4CHINANET-GD94
5CHINANET-FJ55
6CTTNET34
7KORNET-KR31
8UNICOM-LN30
9CMNET26
10AR-CASA10-LACNIC26

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China1446
2Taiwan1012
3United States404
4United Kingdom91
5India90
6Argentina80
7Australia78
8Brazil72
9South Korea69
10Peru51