Custom Search

Sunday, May 31, 2015

Suspected Bot List [2015-05-30]

detection period: 2015-05-30 00:00-23:59 UTC
number of suspected bots' IPs listed here: 23

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:

Botnet Statistics [2015-05-30]

detection period: 2015-05-30 00:00-23:59 UTC
total number of suspected botnet IPs: 1202
number of botnet IPs notified to network operators: 1179
number of spam blocked: 144671
recipient count of spam blocked: 3282650

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET1010
2CHINANET-GD21
3CHINANET-JS12
4UNICOM-SD7
5CHINANET-HN6
6CHINANET-SX4
7CHINANET-SN4
8BSNLNET4
9VNPT-VNNIC-VN3
10TFN-NET3

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1Taiwan1014
2China80
3Russian Federation16
4United States15
5India12
6Viet Nam5
7South Korea5
8Argentina5
9Ukraine4
10Iran4

Saturday, May 30, 2015

Suspected Bot List [2015-05-29]

detection period: 2015-05-29 00:00-23:59 UTC
number of suspected bots' IPs listed here: 22

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:

Botnet Statistics [2015-05-29]

detection period: 2015-05-29 00:00-23:59 UTC
total number of suspected botnet IPs: 1151
number of botnet IPs notified to network operators: 1129
number of spam blocked: 119561
recipient count of spam blocked: 2916083

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET928
2CHINANET-GD36
3VNPT-VNNIC-VN9
4CHINANET-SC8
5CHINANET-JS8
6CHINANET-HN7
7UNICOM-BJ6
8UNICOM-SD4
9GIANT4
10CHINANET-SN4

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1Taiwan931
2China108
3Russian Federation20
4United States19
5Viet Nam13
6India12
7Poland4
8Ukraine3
9Turkey3
10Thailand3

Friday, May 29, 2015

Suspected Bot List [2015-05-28]

detection period: 2015-05-28 00:00-23:59 UTC
number of suspected bots' IPs listed here: 69

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:

Botnet Statistics [2015-05-28]

detection period: 2015-05-28 00:00-23:59 UTC
total number of suspected botnet IPs: 1441
number of botnet IPs notified to network operators: 1372
number of spam blocked: 135998
recipient count of spam blocked: 3021968

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET960
2VNPT-VNNIC-VN70
3CHINANET-GD24
4CHINANET-JS17
5CHINANET-HN14
6WASU-BB12
7PE-TPSA-LACNIC11
8AR-TEAR7-LACNIC11
9VIETEL-VNNIC-VN10
10ETC-VNNIC-VN9

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1Taiwan967
2China138
3Viet Nam114
4Argentina25
5India23
6United States22
7Peru17
8South Korea13
9Mexico10
10Spain8

Thursday, May 28, 2015

Suspected Bot List [2015-05-27]

detection period: 2015-05-27 00:00-23:59 UTC
number of suspected bots' IPs listed here: 78

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:

Botnet Statistics [2015-05-27]

detection period: 2015-05-27 00:00-23:59 UTC
total number of suspected botnet IPs: 1448
number of botnet IPs notified to network operators: 1370
number of spam blocked: 146479
recipient count of spam blocked: 3206751

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET1017
2CHINANET-GD21
3VNPT-VNNIC-VN16
4UNICOM-BJ12
5WASU10
6CHINANET-JS10
7AR-TEAR7-LACNIC10
8CHINANET-HN8
9MX-USCV4-LACNIC7
10CO-EPME1-LACNIC6

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1Taiwan1022
2China114
3Viet Nam30
4United States23
5Argentina23
6Mexico16
7India16
8Colombia14
9Peru13
10Ukraine11

Wednesday, May 27, 2015

Suspected Bot List [2015-05-26]

detection period: 2015-05-26 00:00-23:59 UTC
number of suspected bots' IPs listed here: 101

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:

Botnet Statistics [2015-05-26]

detection period: 2015-05-26 00:00-23:59 UTC
total number of suspected botnet IPs: 1760
number of botnet IPs notified to network operators: 1659
number of spam blocked: 136131
recipient count of spam blocked: 3387532

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET1031
2CHINANET-GD26
3UNICOM-BJ22
4CHINANET-JS15
5TurkTelekom13
6CHINANET-HN12
7CHINANET-YN11
8CHINANET-SX11
9CCCH3-411
10WASU9

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1Taiwan1034
2China158
3United States112
4Turkey48
5France41
6United Kingdom26
7Spain22
8India16
9Germany16
10South Africa14

Tuesday, May 26, 2015

Suspected Bot List [2015-05-25]

detection period: 2015-05-25 00:00-23:59 UTC
number of suspected bots' IPs listed here: 20

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:

Botnet Statistics [2015-05-25]

detection period: 2015-05-25 00:00-23:59 UTC
total number of suspected botnet IPs: 1339
number of botnet IPs notified to network operators: 1319
number of spam blocked: 119088
recipient count of spam blocked: 3519978

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET1058
2CHINANET-GD35
3CHINANET-JS15
4UNICOM-BJ14
5CHINANET-LN12
6WASU-BB11
7CHINANET-SX10
8WASU9
9CHINANET-HN8
10VNPT-VNNIC-VN6

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1Taiwan1062
2China162
3United States23
4Russian Federation14
5Viet Nam10
6Italy7
7India4
8South Africa3
9Poland3
10United Kingdom3

Monday, May 25, 2015

Suspected Bot List [2015-05-24]

detection period: 2015-05-24 00:00-23:59 UTC
number of suspected bots' IPs listed here: 12

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:

Botnet Statistics [2015-05-24]

detection period: 2015-05-24 00:00-23:59 UTC
total number of suspected botnet IPs: 1329
number of botnet IPs notified to network operators: 1317
number of spam blocked: 113530
recipient count of spam blocked: 3374404

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET1047
2CHINANET-GD39
3CHINANET-JS35
4CHINANET-SX17
5UNICOM-BJ15
6CHINANET-SN11
7CHINANET-LN10
8CHINANET-YN9
9CHINANET-HN9
10WASU7

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1Taiwan1048
2China200
3United States20
4France6
5Russian Federation5
6South Korea4
7United Kingdom4
8Germany4
9Viet Nam3
10Malaysia3

Sunday, May 24, 2015

Suspected Bot List [2015-05-23]

detection period: 2015-05-23 00:00-23:59 UTC
number of suspected bots' IPs listed here: 40

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:

Botnet Statistics [2015-05-23]

detection period: 2015-05-23 00:00-23:59 UTC
total number of suspected botnet IPs: 1504
number of botnet IPs notified to network operators: 1464
number of spam blocked: 122543
recipient count of spam blocked: 3639921

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET1088
2CHINANET-JS34
3CHINANET-GD25
4UNICOM-BJ14
5CHINANET-HN14
6VNPT-VNNIC-VN8
7CHINANET-SX8
8CHINANET-ZJ-HZ7
9CHINANET-HA7
10KORNET-KR6

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1Taiwan1090
2China175
3United States56
4Russian Federation14
5Viet Nam11
6Turkey11
7South Korea9
8France8
9Brazil8
10Spain7

Saturday, May 23, 2015

Suspected Bot List [2015-05-22]

detection period: 2015-05-22 00:00-23:59 UTC
number of suspected bots' IPs listed here: 129

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:

Botnet Statistics [2015-05-22]

detection period: 2015-05-22 00:00-23:59 UTC
total number of suspected botnet IPs: 2074
number of botnet IPs notified to network operators: 1945
number of spam blocked: 160200
recipient count of spam blocked: 3767911

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET1106
2CHINANET-JS56
3UNICOM-SD31
4UNICOM-BJ24
5CCCH3-423
6CHINANET-GD15
7CBC-CM-415
8IP2000-ADSL-BAS11
9CHINANET-HN11
10TurkTelekom8

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1Taiwan1110
2United States251
3China219
4France47
5Canada38
6Mexico37
7Turkey36
8India20
9United Kingdom19
10Germany19

Friday, May 22, 2015

Suspected Bot List [2015-05-21]

detection period: 2015-05-21 00:00-23:59 UTC
number of suspected bots' IPs listed here: 77

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:

Botnet Statistics [2015-05-21]

detection period: 2015-05-21 00:00-23:59 UTC
total number of suspected botnet IPs: 1779
number of botnet IPs notified to network operators: 1702
number of spam blocked: 132046
recipient count of spam blocked: 3545989

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET1052
2CHINANET-JS66
3UNICOM-SD42
4CHINANET-GD42
5UNICOM-BJ28
6CHINANET-SX13
7CHINANET-HN11
8CHINANET-JX10
9CHINANET-LN9
10CHINANET-SN8

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1Taiwan1056
2China289
3United States131
4France25
5Russian Federation19
6Mexico16
7Spain16
8Turkey15
9South Korea15
10India13

Thursday, May 21, 2015

Suspected Bot List [2015-05-20]

detection period: 2015-05-20 00:00-23:59 UTC
number of suspected bots' IPs listed here: 34

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:

Botnet Statistics [2015-05-20]

detection period: 2015-05-20 00:00-23:59 UTC
total number of suspected botnet IPs: 1606
number of botnet IPs notified to network operators: 1572
number of spam blocked: 171334
recipient count of spam blocked: 3852466

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET1007
2UNICOM-SD94
3CHINANET-JS53
4CHINANET-GD39
5UNICOM-BJ35
6CHINANET-HN16
7CHINANET-JX14
8CHINANET-SX11
9CHINANET-LN8
10WASU-BB7

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1Taiwan1011
2China351
3United States42
4Russian Federation20
5India12
6France11
7Turkey9
8Germany9
9Italy8
10Japan7

Wednesday, May 20, 2015

Suspected Bot List [2015-05-19]

detection period: 2015-05-19 00:00-23:59 UTC
number of suspected bots' IPs listed here: 184

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:

Botnet Statistics [2015-05-19]

detection period: 2015-05-19 00:00-23:59 UTC
total number of suspected botnet IPs: 2479
number of botnet IPs notified to network operators: 2295
number of spam blocked: 224117
recipient count of spam blocked: 4204974

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET1045
2CHINANET-JS90
3UNICOM-SD84
4CHINANET-GD48
5UNICOM-BJ31
6CCCH3-423
7ATT16
8MX-USCV4-LACNIC13
9IP2000-ADSL-BAS12
10CBC-CM-512

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1Taiwan1047
2United States383
3China368
4Mexico56
5France52
6Canada43
7United Kingdom28
8Russian Federation27
9India22
10South Africa21

Tuesday, May 19, 2015

Suspected Bot List [2015-05-18]

detection period: 2015-05-18 00:00-23:59 UTC
number of suspected bots' IPs listed here: 166

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:

Botnet Statistics [2015-05-18]

detection period: 2015-05-18 00:00-23:59 UTC
total number of suspected botnet IPs: 2331
number of botnet IPs notified to network operators: 2165
number of spam blocked: 231674
recipient count of spam blocked: 4245906

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET1040
2CHINANET-GD47
3CHINANET-JS22
4CCCH3-420
5NETBLK-CHARTER-NET18
6CBC-CM-417
7VNPT-VNNIC-VN16
8UNICOM-BJ16
9VIS-BLOCK14
10ATT12

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1Taiwan1048
2United States377
3China189
4France70
5Russian Federation43
6Mexico36
7India28
8Germany27
9Viet Nam25
10United Kingdom25

Monday, May 18, 2015

Suspected Bot List [2015-05-17]

detection period: 2015-05-17 00:00-23:59 UTC
number of suspected bots' IPs listed here: 24

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
CI213.136.105.210Ivory Coast
CI213.136.105.212Ivory Coast
EC201.219.60.86Ecuador
ID202.137.230.220Indonesia
ID202.162.213.162Indonesia
MX200.94.141.149Mexico
PH58.69.100.238Philippines
PK202.142.171.70Pakistan
PL217.153.237.58Poland

List from greylisting:

Botnet Statistics [2015-05-17]

detection period: 2015-05-17 00:00-23:59 UTC
total number of suspected botnet IPs: 1348
number of botnet IPs notified to network operators: 1324
number of spam blocked: 278809
recipient count of spam blocked: 4841288

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET1032
2CHINANET-GD40
3UNICOM-BJ15
4UNICOM-GD12
5CHINANET-JS12
6WASU-BB6
7CHINANET-SX6
8UNICOM-SD5
9CHINANET-LN5
10WASU4

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1Taiwan1035
2China179
3United States29
4Russian Federation10
5Viet Nam8
6Indonesia8
7Brazil7
8India5
9Iran4
10Argentina4

Sunday, May 17, 2015

Suspected Bot List [2015-05-16]

detection period: 2015-05-16 00:00-23:59 UTC
number of suspected bots' IPs listed here: 29

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
BD180.211.193.190Bangladesh
CI213.136.105.210Ivory Coast
CI213.136.105.212Ivory Coast
EC201.219.60.86Ecuador
ID202.137.230.220Indonesia
IN117.218.175.121India
MX200.94.141.149Mexico
PH58.69.100.238Philippines
PK202.142.171.70Pakistan
PL217.153.237.58Poland

List from greylisting:

Botnet Statistics [2015-05-16]

detection period: 2015-05-16 00:00-23:59 UTC
total number of suspected botnet IPs: 1341
number of botnet IPs notified to network operators: 1312
number of spam blocked: 302364
recipient count of spam blocked: 5164313

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET1057
2CHINANET-GD27
3UNICOM-GD15
4UNICOM-BJ8
5CHINANET-JS8
6CMNET6
7GIANT5
8CHINANET-HN5
9ALISOFT4
10XINWEI-NET3

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1Taiwan1058
2China148
3United States34
4Poland7
5Indonesia7
6Russian Federation6
7Brazil6
8Viet Nam5
9Argentina5
10Saudi Arabia4

Saturday, May 16, 2015

Suspected Bot List [2015-05-15]

detection period: 2015-05-15 00:00-23:59 UTC
number of suspected bots' IPs listed here: 36

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
BD180.211.193.190Bangladesh
CI213.136.105.210Ivory Coast
CI213.136.105.212Ivory Coast
EC201.219.60.86Ecuador
ID202.137.230.220Indonesia
IN117.218.175.121India
MX200.94.141.149Mexico
PH58.69.100.238Philippines
PK202.142.171.70Pakistan
PL217.153.237.58Poland

List from greylisting:

Botnet Statistics [2015-05-15]

detection period: 2015-05-15 00:00-23:59 UTC
total number of suspected botnet IPs: 1516
number of botnet IPs notified to network operators: 1480
number of spam blocked: 325202
recipient count of spam blocked: 5473374

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET1049
2UNICOM-GD74
3CHINANET-GD36
4UNICOM-BJ29
5XINWEI-NET19
6WASU14
7VNPT-VNNIC-VN7
8ALISOFT6
9WASU-BB5
10BHARTI-IN5

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1Taiwan1052
2China271
3United States24
4Russian Federation17
5Viet Nam16
6South Korea10
7India10
8Ukraine9
9Brazil9
10Turkey7

Friday, May 15, 2015

Suspected Bot List [2015-05-14]

detection period: 2015-05-14 00:00-23:59 UTC
number of suspected bots' IPs listed here: 105

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
BD180.211.193.190Bangladesh
BD203.76.147.62Bangladesh
CI213.136.105.210Ivory Coast
CI213.136.105.212Ivory Coast
EC201.219.60.86Ecuador
ID202.137.230.220Indonesia
IN117.218.175.121India
MX200.94.141.149Mexico
PH58.69.100.238Philippines
PL217.153.237.58Poland
US174.45.152.26United States

List from greylisting:

Botnet Statistics [2015-05-14]

detection period: 2015-05-14 00:00-23:59 UTC
total number of suspected botnet IPs: 2190
number of botnet IPs notified to network operators: 2085
number of spam blocked: 361883
recipient count of spam blocked: 5953513

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET1082
2UNICOM-GD99
3CHINANET-GD56
4UNICOM-SD27
5UNICOM-BJ25
6XINWEI-NET24
7CBC-CM-417
8CCCH3-415
9VNPT-VNNIC-VN14
10NETBLK-CHARTER-NET12

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1Taiwan1085
2China351
3United States267
4Viet Nam32
5Canada29
6Mexico25
7Spain23
8India20
9Turkey19
10Italy19

Thursday, May 14, 2015

Suspected Bot List [2015-05-13]

detection period: 2015-05-13 00:00-23:59 UTC
number of suspected bots' IPs listed here: 134

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
BD180.211.193.190Bangladesh
BD203.76.147.62Bangladesh
CI213.136.105.210Ivory Coast
CI213.136.105.212Ivory Coast
EC201.219.60.86Ecuador
ID202.137.230.220Indonesia
IN117.218.175.121India
MX200.94.141.149Mexico
PH58.69.100.238Philippines
US174.45.152.26United States

List from greylisting:

Botnet Statistics [2015-05-13]

detection period: 2015-05-13 00:00-23:59 UTC
total number of suspected botnet IPs: 2181
number of botnet IPs notified to network operators: 2047
number of spam blocked: 278107
recipient count of spam blocked: 5216361

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET1185
2CHINANET-GD71
3UNICOM-GD68
4UNICOM-BJ17
5TR-TELEKOM-2005102715
6TurkTelekom14
7CHINANET-ZJ-HZ14
8XINWEI-NET13
9TR-TELEKOM-2004092011
10IP2000-ADSL-BAS11

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1Taiwan1187
2China308
3United States151
4Turkey63
5France39
6India34
7Mexico32
8Spain22
9Germany21
10United Kingdom20

Wednesday, May 13, 2015

Suspected Bots' IP List for May 2015

To encourage cyber security information sharing (as some form of open data) while still giving victims enough time to clean up their computers, the IP list of suspected infected computers will be released here (as shown below) 10 days after its respective botnet statistics gets published.

New data will be added here daily. You are free to use them to create more effective defenses, discover latest trends in cyber attacks, etc.

Suspected Bots IP [2015-05-31]
Suspected Bots IP [2015-05-30]
Suspected Bots IP [2015-05-29]
Suspected Bots IP [2015-05-28]
Suspected Bots IP [2015-05-27]
Suspected Bots IP [2015-05-26]
Suspected Bots IP [2015-05-25]
Suspected Bots IP [2015-05-24]
Suspected Bots IP [2015-05-23]
Suspected Bots IP [2015-05-22]
Suspected Bots IP [2015-05-21]
Suspected Bots IP [2015-05-20]
Suspected Bots IP [2015-05-19]
Suspected Bots IP [2015-05-18]
Suspected Bots IP [2015-05-17]
Suspected Bots IP [2015-05-16]
Suspected Bots IP [2015-05-15]
Suspected Bots IP [2015-05-14]
Suspected Bots IP [2015-05-13]
Suspected Bots IP [2015-05-12]
Suspected Bots IP [2015-05-11]
Suspected Bots IP [2015-05-10]
Suspected Bots IP [2015-05-09]
Suspected Bots IP [2015-05-08]
Suspected Bots IP [2015-05-07]
Suspected Bots IP [2015-05-06]
Suspected Bots IP [2015-05-05]
Suspected Bots IP [2015-05-04]
Suspected Bots IP [2015-05-03]
Suspected Bots IP [2015-05-02]
Suspected Bots IP [2015-05-01]

Suspected Bot List [2015-05-12]

detection period: 2015-05-12 00:00-23:59 UTC
number of suspected bots' IPs listed here: 67

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
BD180.211.193.190Bangladesh
BD203.76.147.62Bangladesh
CI213.136.105.210Ivory Coast
CI213.136.105.212Ivory Coast
EC201.219.60.86Ecuador
ID202.137.230.220Indonesia
ID203.201.172.162Indonesia
MX200.94.141.149Mexico
PH58.69.100.238Philippines
US174.45.152.26United States

List from greylisting:

Botnet Statistics [2015-05-12]

detection period: 2015-05-12 00:00-23:59 UTC
total number of suspected botnet IPs: 1918
number of botnet IPs notified to network operators: 1851
number of spam blocked: 125294
recipient count of spam blocked: 3894073

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET1217
2CHINANET-GD45
3CHINANET-ZJ-HZ20
4UNICOM-BJ15
5WASU-BB11
6TR-TELEKOM-2005102710
7BT-CENTRAL-PLUS8
8WASU7
9CMNET7
10CHINANET-FJ7

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1Taiwan1219
2China224
3United States93
4Turkey30
5United Kingdom19
6Russian Federation17
7France16
8Spain15
9South Africa14
10Indonesia14

Tuesday, May 12, 2015

Suspected Bot List [2015-05-11]

detection period: 2015-05-11 00:00-23:59 UTC
number of suspected bots' IPs listed here: 125

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
BD180.211.193.190Bangladesh
BD203.76.147.62Bangladesh
CI213.136.105.210Ivory Coast
CI213.136.105.212Ivory Coast
EC201.219.60.86Ecuador
ID202.137.230.220Indonesia
ID203.201.172.162Indonesia
MX200.94.141.149Mexico
PH58.69.100.238Philippines
US66.240.236.121United States
US174.45.152.26United States

List from greylisting:

Botnet Statistics [2015-05-11]

detection period: 2015-05-11 00:00-23:59 UTC
total number of suspected botnet IPs: 2082
number of botnet IPs notified to network operators: 1957
number of spam blocked: 130769
recipient count of spam blocked: 3800865

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET1173
2CHINANET-GD47
3UNICOM-BJ17
4CHINANET-ZJ-HZ16
5CHINANET-FJ11
6WASU10
7UNICOM-GD10
8CHINANET-JS10
9VNPT-VNNIC-VN9
10CHINANET-SN9

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1Taiwan1180
2China259
3United States144
4Turkey30
5Germany29
6Russian Federation21
7Mexico21
8United Kingdom19
9France19
10Viet Nam18

Monday, May 11, 2015

Suspected Bot List [2015-05-10]

detection period: 2015-05-10 00:00-23:59 UTC
number of suspected bots' IPs listed here: 28

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
BD180.211.193.190Bangladesh
BD203.76.147.62Bangladesh
CI213.136.105.210Ivory Coast
CI213.136.105.212Ivory Coast
CO200.80.43.248Colombia
EC201.219.60.86Ecuador
ID202.137.230.220Indonesia
ID203.201.172.162Indonesia
IN117.218.50.134India
MX200.94.141.149Mexico
PH58.69.100.238Philippines
UA193.238.111.14Ukraine
US66.240.236.121United States
US174.45.152.26United States

List from greylisting:

Botnet Statistics [2015-05-10]

detection period: 2015-05-10 00:00-23:59 UTC
total number of suspected botnet IPs: 1289
number of botnet IPs notified to network operators: 1261
number of spam blocked: 125036
recipient count of spam blocked: 3483162

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET959
2CHINANET-GD30
3UNICOM-GD10
4UNICOM-BJ8
5CHINANET-ZJ-HZ8
6WASU6
7CMNET6
8CHINANET-ZJ6
9CHINANET-SH5
10CHINANET-HN5

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1Taiwan964
2China169
3United States35
4Indonesia11
5Brazil8
6Ukraine7
7Russian Federation7
8Viet Nam6
9Hong Kong6
10Saudi Arabia5

Sunday, May 10, 2015

Suspected Bot List [2015-05-09]

detection period: 2015-05-09 00:00-23:59 UTC
number of suspected bots' IPs listed here: 31

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
BD180.211.193.190Bangladesh
BD203.76.147.62Bangladesh
CI213.136.105.210Ivory Coast
CI213.136.105.212Ivory Coast
CO200.80.43.248Colombia
EC201.219.60.86Ecuador
EC201.219.60.119Ecuador
ID202.137.230.220Indonesia
ID203.201.172.162Indonesia
IN117.218.175.121India
MX200.94.141.149Mexico
MX201.116.227.163Mexico
PH58.69.100.238Philippines
US50.130.89.197United States
US66.240.236.121United States
US174.45.152.26United States

List from greylisting:

Botnet Statistics [2015-05-09]

detection period: 2015-05-09 00:00-23:59 UTC
total number of suspected botnet IPs: 1348
number of botnet IPs notified to network operators: 1317
number of spam blocked: 138461
recipient count of spam blocked: 3959897

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET1000
2CHINANET-GD42
3CHINANET-ZJ-HZ11
4CHINANET-FJ10
5UNICOM-GD8
6UNICOM-BJ8
7CHINANET-HN8
8CHINANET-ZJ-ZX5
9ALISOFT5
10CHINANET-LN4

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1Taiwan1001
2China175
3United States37
4Brazil14
5Russian Federation11
6Indonesia10
7Viet Nam7
8Thailand7
9Poland6
10South Korea6

Saturday, May 9, 2015

Botnet Statistics for April 2015

detection period: 2015-04-01 00:00 - 2015-04-30 23:59 UTC
total number of suspected botnet IPs: 36857
number of blocked spams: 3808707
recipient count of blocked spams: 122729877

The top 25 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1Taiwan20033
2China5007
3United States3009
4Russian Federation756
5Turkey553
6Viet Nam541
7India403
8France373
9Canada367
10South Korea357
11Spain352
12Mexico278
13United Kingdom258
14Argentina245
15Germany208
16Malaysia182
17Italy182
18Chile162
19Arab Emirates155
20Ukraine152
21Romania150
22Brazil148
23Indonesia135
24Colombia135
25Australia134

The top 25 countries (as defined by the 2-character country code), ordered by number of blocked spams are:

RankCountry# of blocked spams
1Taiwan2867234
2China277120
3United States155622
4Indonesia54791
5Iran37433
6Hong Kong37039
7Brazil33030
8South Korea28799
9Bangladesh25814
10Malaysia23645
11Israel21208
12Poland18770
13Ivory Coast16710
14Japan13594
15Russian Federation13452
16Ecuador13083
17Italy12772
18Serbia11703
19Australia11262
20India11192
21Turkey10516
22Ukraine10103
23Mongolia9995
24Viet Nam9626
25South Africa8904

The top 25 countries (as defined by the 2-character country code), ordered by recipient count of blocked spams are:

Suspected Bot List [2015-05-08]

detection period: 2015-05-08 00:00-23:59 UTC
number of suspected bots' IPs listed here: 102

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
AR190.108.35.2Argentina
BD180.211.193.190Bangladesh
BD203.76.147.62Bangladesh
CI213.136.105.210Ivory Coast
CI213.136.105.212Ivory Coast
CO200.80.43.248Colombia
EC201.219.60.86Ecuador
ID202.137.230.220Indonesia
ID203.201.172.162Indonesia
IN117.239.29.114India
MX200.94.141.149Mexico
MX201.116.227.163Mexico
NL178.21.118.159Netherlands
US50.201.42.106United States
US66.240.236.121United States
US174.45.152.26United States

List from greylisting:

Botnet Statistics [2015-05-08]

detection period: 2015-05-08 00:00-23:59 UTC
total number of suspected botnet IPs: 1968
number of botnet IPs notified to network operators: 1866
number of spam blocked: 131717
recipient count of spam blocked: 4039451

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET1025
2WORLDSITE-SAYFA54
3TR-RADORE-2011052650
4CHINANET-GD39
5UNICOM-LN22
6UNICOM-GD16
7UNICOM-BJ10
8CMNET9
9BHARTI-IN9
10KORNET-KR8

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1Taiwan1029
2China232
3United States214
4Turkey72
5India33
6Germany25
7Brazil21
8South Korea20
9Italy18
10Poland17

Friday, May 8, 2015

Suspected Bot List [2015-05-07]

detection period: 2015-05-07 00:00-23:59 UTC
number of suspected bots' IPs listed here: 217

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
AR190.108.35.2Argentina
BD180.211.193.190Bangladesh
BD203.76.147.62Bangladesh
CI213.136.105.210Ivory Coast
CI213.136.105.212Ivory Coast
CO200.80.43.248Colombia
EC201.219.60.86Ecuador
ID202.137.230.220Indonesia
MX200.94.141.149Mexico
MX201.116.227.163Mexico
NL178.21.118.159Netherlands
NL193.110.157.151Netherlands
PH58.69.100.238Philippines
US50.201.42.106United States
US66.240.236.121United States
US174.45.152.26United States

List from greylisting:

Botnet Statistics [2015-05-07]

detection period: 2015-05-07 00:00-23:59 UTC
total number of suspected botnet IPs: 2569
number of botnet IPs notified to network operators: 2354
number of spam blocked: 134710
recipient count of spam blocked: 4269659

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET1002
2WORLDSITE-SAYFA94
3TR-RADORE-2011052687
4CHINANET-GD31
5UNICOM-LN22
6UNICOM-GD17
7KORNET-KR17
8IP2000-ADSL-BAS16
9CBC-CM-414
10TurkTelekom13

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1Taiwan1006
2United States375
3China224
4Turkey132
5India55
6France48
7Mexico47
8South Korea35
9Germany34
10Spain31

Thursday, May 7, 2015

Suspected Bot List [2015-05-06]

detection period: 2015-05-06 00:00-23:59 UTC
number of suspected bots' IPs listed here: 211

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
AR190.108.35.2Argentina
AR190.120.123.2Argentina
BD180.211.193.190Bangladesh
BD203.76.147.62Bangladesh
CI213.136.105.210Ivory Coast
CI213.136.105.212Ivory Coast
CO200.80.43.248Colombia
EC201.219.60.86Ecuador
ID202.137.230.220Indonesia
MX200.94.141.149Mexico
MX201.116.227.163Mexico
NL178.21.118.159Netherlands
NL193.110.157.151Netherlands
PH58.69.100.238Philippines
US50.201.42.106United States
US66.240.236.121United States
US174.45.152.26United States

List from greylisting:

Botnet Statistics [2015-05-06]

detection period: 2015-05-06 00:00-23:59 UTC
total number of suspected botnet IPs: 2556
number of botnet IPs notified to network operators: 2346
number of spam blocked: 123759
recipient count of spam blocked: 3864026

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET1016
2TR-RADORE-2011052671
3CHINANET-GD65
4WORLDSITE-SAYFA60
5UNICOM-LN23
6CCCH3-422
7UNICOM-BJ19
8KORNET-KR15
9AE-EMIRNET-2004012014
10TR-TELEKOM-2004092013

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1Taiwan1021
2United States329
3China266
4Turkey134
5France53
6Russian Federation42
7South Korea41
8Mexico39
9United Kingdom36
10Spain34

Wednesday, May 6, 2015

Suspected Bot List [2015-05-05]

detection period: 2015-05-05 00:00-23:59 UTC
number of suspected bots' IPs listed here: 160

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
AR190.108.35.2Argentina
AR190.120.123.2Argentina
CO200.80.43.248Colombia
EC201.219.60.86Ecuador
EC201.219.60.118Ecuador
ID202.137.230.220Indonesia
IN218.248.4.101India
MX201.116.227.163Mexico
NL178.21.118.159Netherlands
NL193.110.157.151Netherlands
US50.201.42.106United States
US69.197.156.227United States
US174.45.152.26United States
US209.239.112.104United States

List from greylisting:

Botnet Statistics [2015-05-05]

detection period: 2015-05-05 00:00-23:59 UTC
total number of suspected botnet IPs: 2138
number of botnet IPs notified to network operators: 1978
number of spam blocked: 136270
recipient count of spam blocked: 4187887

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET1002
2CHINANET-GD53
3WORLDSITE-SAYFA32
4TR-RADORE-2011052630
5UNICOM-LN22
6CCCH3-421
7UNICOM-BJ20
8CHINANET-JS19
9UNICOM-GD11
10MX-USCV4-LACNIC10

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1Taiwan1007
2United States279
3China245
4Turkey50
5Mexico43
6Spain31
7France29
8Germany27
9Brazil26
10Canada25

Tuesday, May 5, 2015

Suspected Bot List [2015-05-04]

detection period: 2015-05-04 00:00-23:59 UTC
number of suspected bots' IPs listed here: 165

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
AR190.108.35.2Argentina
AR190.120.123.2Argentina
CI213.136.105.210Ivory Coast
CI213.136.105.212Ivory Coast
CO200.80.43.248Colombia
EC201.219.60.86Ecuador
EC201.219.60.118Ecuador
ID202.137.230.220Indonesia
IN218.248.4.101India
MX201.116.227.163Mexico
NL178.21.118.159Netherlands
NL193.110.157.151Netherlands
US50.201.42.106United States
US69.197.156.227United States
US174.45.152.26United States
US209.239.112.104United States

List from greylisting:

Botnet Statistics [2015-05-04]

detection period: 2015-05-04 00:00-23:59 UTC
total number of suspected botnet IPs: 2208
number of botnet IPs notified to network operators: 2043
number of spam blocked: 133693
recipient count of spam blocked: 4010350

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET1010
2CHINANET-GD38
3CHINANET-JS33
4UNICOM-SD31
5UNICOM-BJ30
6UNICOM-LN23
7TurkTelekom17
8WORLDSITE-SAYFA16
9RIMA16
10IP2000-ADSL-BAS16

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1Taiwan1014
2China260
3United States237
4Turkey74
5France56
6Spain51
7Germany37
8Mexico33
9Canada30
10Italy24

Monday, May 4, 2015

Suspected Bot List [2015-05-03]

detection period: 2015-05-03 00:00-23:59 UTC
number of suspected bots' IPs listed here: 25

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
AR190.108.35.2Argentina
AR190.120.123.2Argentina
CI213.136.105.210Ivory Coast
CI213.136.105.212Ivory Coast
CO200.80.43.248Colombia
EC201.219.60.86Ecuador
EC201.219.60.118Ecuador
ID202.137.230.220Indonesia
ID203.201.172.162Indonesia
MX201.116.227.163Mexico
NL178.21.118.159Netherlands
NL193.110.157.151Netherlands
US50.201.42.106United States
US66.240.236.121United States
US69.197.156.227United States
US174.45.152.26United States
US209.239.112.104United States

List from greylisting:

Botnet Statistics [2015-05-03]

detection period: 2015-05-03 00:00-23:59 UTC
total number of suspected botnet IPs: 1380
number of botnet IPs notified to network operators: 1355
number of spam blocked: 121357
recipient count of spam blocked: 3634548

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET1036
2CHINANET-GD40
3UNICOM-LN21
4CHINANET-JS10
5WORLDSITE-SAYFA6
6CMNET6
7ALISOFT6
8UNICOM-GD5
9CHINANET-LN5
10CHINANET-ZJ4

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1Taiwan1039
2China163
3United States44
4Brazil14
5Indonesia11
6Russian Federation10
7Poland8
8Germany7
9Ukraine5
10Turkey4