Custom Search

Wednesday, August 31, 2016

Suspected Bot List [2016-08-30]

detection period: 2016-08-30 00:00-23:59 UTC
number of suspected bots' IPs listed here: 309

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
AR186.138.82.138Argentina
AR200.63.164.198Argentina
PL185.125.4.236Poland

List from greylisting:

Botnet Statistics [2016-08-30]

detection period: 2016-08-30 00:00-23:59 UTC
total number of suspected botnet IPs: 2955
number of botnet IPs notified to network operators: 2646
number of spam blocked: 31597
recipient count of spam blocked: 852974

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET640
2WASU492
3VNPT-VNNIC-VN129
4UNICOM-ZJ72
5MX-USCV4-LACNIC61
6CHINANET-HN51
7CHINANET-JS45
8CHINANET-SD43
9BSNLNET42
10BHARTI-IN40

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China848
2Taiwan648
3Viet Nam276
4India240
5Mexico123
6Brazil77
7Iran61
8Colombia48
9Peru38
10Turkey36

Tuesday, August 30, 2016

Suspected Bot List [2016-08-29]

detection period: 2016-08-29 00:00-23:59 UTC
number of suspected bots' IPs listed here: 128

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
AR186.138.82.138Argentina
PL185.125.4.236Poland

List from greylisting:

Botnet Statistics [2016-08-29]

detection period: 2016-08-29 00:00-23:59 UTC
total number of suspected botnet IPs: 2055
number of botnet IPs notified to network operators: 1927
number of spam blocked: 25341
recipient count of spam blocked: 695468

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET718
2WASU493
3UNICOM-ZJ111
4CHINANET-JS49
5WASU-BB34
6UNICOM-JS34
7CHINANET-HN26
8VNPT-VNNIC-VN24
9BSNLNET22
10BHARTI-IN21

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China809
2Taiwan721
3India152
4Viet Nam53
5Iran41
6Mexico25
7Colombia19
8Peru16
9Brazil16
10Pakistan15

Monday, August 29, 2016

Suspected Bot List [2016-08-28]

detection period: 2016-08-28 00:00-23:59 UTC
number of suspected bots' IPs listed here: 52

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:

Botnet Statistics [2016-08-28]

detection period: 2016-08-28 00:00-23:59 UTC
total number of suspected botnet IPs: 1477
number of botnet IPs notified to network operators: 1425
number of spam blocked: 22023
recipient count of spam blocked: 645193

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET684
2WASU254
3UNICOM-ZJ53
4VNPT-VNNIC-VN43
5CHINANET-JS32
6WASU-BB28
7CMNET16
8UNICOM-JS13
9MX-USCV4-LACNIC13
10CHINANET-GD13

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1Taiwan685
2China458
3Viet Nam77
4India47
5Mexico22
6Peru13
7Iran13
8Brazil11
9Colombia10
10United States9

Sunday, August 28, 2016

Suspected Bot List [2016-08-27]

detection period: 2016-08-27 00:00-23:59 UTC
number of suspected bots' IPs listed here: 89

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
AR186.138.82.138Argentina
UY167.57.27.24Uruguay
UY167.57.111.108Uruguay

List from greylisting:

Botnet Statistics [2016-08-27]

detection period: 2016-08-27 00:00-23:59 UTC
total number of suspected botnet IPs: 1273
number of botnet IPs notified to network operators: 1184
number of spam blocked: 27879
recipient count of spam blocked: 741292

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET696
2CHINANET-HN53
3VNPT-VNNIC-VN34
4MX-USCV4-LACNIC25
5CHINANET-GD18
6CHINANET-JS14
7CMNET11
8BSNLNET11
9ALISOFT10
10VIETEL-VNNIC-VN9

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1Taiwan696
2China156
3Viet Nam64
4India63
5Mexico46
6Iran25
7Peru21
8Brazil20
9Turkey11
10Tunisia11

Saturday, August 27, 2016

Suspected Bot List [2016-08-26]

detection period: 2016-08-26 00:00-23:59 UTC
number of suspected bots' IPs listed here: 110

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
PL185.125.4.236Poland

List from greylisting:

Botnet Statistics [2016-08-26]

detection period: 2016-08-26 00:00-23:59 UTC
total number of suspected botnet IPs: 1805
number of botnet IPs notified to network operators: 1695
number of spam blocked: 28375
recipient count of spam blocked: 751720

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET728
2WASU226
3CHINANET-JS58
4CHINANET-HB55
5CHINANET-HN53
6CHINANET-AH43
7BSNLNET31
8VNPT-VNNIC-VN29
9UNICOM-ZJ28
10CHINANET-SD23

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1Taiwan731
2China610
3India142
4Viet Nam64
5Mexico33
6Turkey19
7Brazil16
8United States14
9Colombia14
10Pakistan13

Friday, August 26, 2016

Suspected Bot List [2016-08-25]

detection period: 2016-08-25 00:00-23:59 UTC
number of suspected bots' IPs listed here: 142

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
AR186.138.82.138Argentina
CN150.138.109.96China
GB163.172.14.71United Kingdom
PL185.125.4.236Poland

List from greylisting:

Botnet Statistics [2016-08-25]

detection period: 2016-08-25 00:00-23:59 UTC
total number of suspected botnet IPs: 2574
number of botnet IPs notified to network operators: 2432
number of spam blocked: 33682
recipient count of spam blocked: 735506

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET736
2WASU602
3CHINANET-JS109
4CHINANET-HN58
5CHINANET-HB57
6UNICOM-ZJ53
7VNPT-VNNIC-VN50
8CHINANET-AH48
9MX-USCV4-LACNIC29
10CHINANET-ZJ-QZ28

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China1157
2Taiwan737
3Viet Nam104
4India102
5Mexico62
6Brazil51
7Turkey28
8Iran28
9Colombia20
10Peru19

Thursday, August 25, 2016

Suspected Bot List [2016-08-24]

detection period: 2016-08-24 00:00-23:59 UTC
number of suspected bots' IPs listed here: 73

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
DE89.197.4.210Germany
PL185.125.4.236Poland

List from greylisting:

Botnet Statistics [2016-08-24]

detection period: 2016-08-24 00:00-23:59 UTC
total number of suspected botnet IPs: 2300
number of botnet IPs notified to network operators: 2227
number of spam blocked: 28643
recipient count of spam blocked: 735045

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET761
2WASU512
3CHINANET-JS147
4CHINANET-AH119
5UNICOM-ZJ103
6CHINANET-HB78
7CHINANET-HN57
8WASU-BB37
9UNICOM-JS29
10CHINANET-ZJ-QZ25

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China1267
2Taiwan761
3India61
4Viet Nam20
5Mexico18
6Iran14
7Turkey11
8Brazil11
9Peru9
10Colombia9

Wednesday, August 24, 2016

Suspected Bot List [2016-08-23]

detection period: 2016-08-23 00:00-23:59 UTC
number of suspected bots' IPs listed here: 65

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
AR186.138.82.138Argentina
GB163.172.14.71United Kingdom
PL185.125.4.236Poland

List from greylisting:

Botnet Statistics [2016-08-23]

detection period: 2016-08-23 00:00-23:59 UTC
total number of suspected botnet IPs: 2331
number of botnet IPs notified to network operators: 2266
number of spam blocked: 30988
recipient count of spam blocked: 822201

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET794
2WASU489
3CHINANET-JS152
4CHINANET-AH133
5UNICOM-ZJ102
6CHINANET-HB80
7CHINANET-HN57
8WASU-BB33
9UNICOM-JS26
10CHINANET-ZJ-QZ25

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China1285
2Taiwan797
3India80
4Viet Nam26
5Iran15
6Pakistan13
7United States12
8Bangladesh11
9Turkey8
10Indonesia7

Tuesday, August 23, 2016

Suspected Bot List [2016-08-22]

detection period: 2016-08-22 00:00-23:59 UTC
number of suspected bots' IPs listed here: 31

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
PL185.125.4.236Poland

List from greylisting:

Botnet Statistics [2016-08-22]

detection period: 2016-08-22 00:00-23:59 UTC
total number of suspected botnet IPs: 1970
number of botnet IPs notified to network operators: 1939
number of spam blocked: 28297
recipient count of spam blocked: 795206

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET819
2WASU475
3UNICOM-ZJ96
4CHINANET-JS74
5CHINANET-HN54
6VNPT-VNNIC-VN44
7CHINANET-AH41
8UNICOM-JS33
9WASU-BB29
10TVNET20

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China954
2Taiwan821
3Viet Nam83
4India38
5Indonesia9
6Brazil7
7United States5
8Turkey4
9Russian Federation4
10Romania3

Monday, August 22, 2016

Suspected Bot List [2016-08-21]

detection period: 2016-08-21 00:00-23:59 UTC
number of suspected bots' IPs listed here: 24

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
AR186.138.82.138Argentina
GB163.172.14.71United Kingdom

List from greylisting:

Botnet Statistics [2016-08-21]

detection period: 2016-08-21 00:00-23:59 UTC
total number of suspected botnet IPs: 1874
number of botnet IPs notified to network operators: 1850
number of spam blocked: 27947
recipient count of spam blocked: 787871

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET778
2WASU256
3CHINANET-AH136
4CHINANET-JS91
5CHINANET-HB79
6CHINANET-HN57
7VNPT-VNNIC-VN53
8UNICOM-ZJ38
9CHINANET-SD32
10CHINANET-ZJ-NB27

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China879
2Taiwan782
3Viet Nam119
4India9
5Brazil9
6Argentina9
7Mexico6
8United States5
9Thailand5
10Hong Kong4

Sunday, August 21, 2016

Suspected Bot List [2016-08-20]

detection period: 2016-08-20 00:00-23:59 UTC
number of suspected bots' IPs listed here: 7

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
AR186.138.82.138Argentina
GB163.172.14.71United Kingdom

List from greylisting:

Botnet Statistics [2016-08-20]

detection period: 2016-08-20 00:00-23:59 UTC
total number of suspected botnet IPs: 1406
number of botnet IPs notified to network operators: 1399
number of spam blocked: 29197
recipient count of spam blocked: 824819

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET765
2CHINANET-AH139
3CHINANET-HB107
4CHINANET-JS100
5CHINANET-HN56
6CHINANET-SD41
7CHINANET-ZJ-QZ39
8CHINANET-ZJ-JH16
9CHINANET-YN12
10ALISOFT12

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1Taiwan767
2China581
3Viet Nam16
4United States7
5Thailand5
6India4
7Philippines3
8Russian Federation2
9Romania2
10Poland2

Saturday, August 20, 2016

Suspected Bot List [2016-08-19]

detection period: 2016-08-19 00:00-23:59 UTC
number of suspected bots' IPs listed here: 80

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
PH116.50.143.222Philippines

List from greylisting:

Botnet Statistics [2016-08-19]

detection period: 2016-08-19 00:00-23:59 UTC
total number of suspected botnet IPs: 2254
number of botnet IPs notified to network operators: 2174
number of spam blocked: 28168
recipient count of spam blocked: 789377

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET796
2WASU323
3CHINANET-AH177
4CHINANET-HB117
5CHINANET-JS107
6CHINANET-SD100
7CHINANET-HN56
8UNICOM-ZJ42
9CHINANET-ZJ-QZ37
10BSNLNET28

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China1108
2Taiwan798
3India127
4Viet Nam47
5Iran15
6Pakistan11
7Indonesia9
8United States8
9Turkey8
10Serbia6

Friday, August 19, 2016

Suspected Bot List [2016-08-18]

detection period: 2016-08-18 00:00-23:59 UTC
number of suspected bots' IPs listed here: 86

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
EG196.219.217.156Egypt

List from greylisting:

Botnet Statistics [2016-08-18]

detection period: 2016-08-18 00:00-23:59 UTC
total number of suspected botnet IPs: 2548
number of botnet IPs notified to network operators: 2462
number of spam blocked: 28974
recipient count of spam blocked: 814751

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET836
2WASU487
3CHINANET-JS223
4CHINANET-AH186
5CHINANET-HB110
6CHINANET-SD90
7UNICOM-ZJ62
8CHINANET-HN58
9CHINANET-ZJ-QZ50
10UNICOM-JS27

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China1391
2Taiwan837
3India91
4Viet Nam43
5Iran21
6Pakistan14
7Indonesia13
8United States10
9Turkey10
10Bangladesh10

Thursday, August 18, 2016

Suspected Bot List [2016-08-17]

detection period: 2016-08-17 00:00-23:59 UTC
number of suspected bots' IPs listed here: 136

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
PL185.125.4.236Poland

List from greylisting:

Botnet Statistics [2016-08-17]

detection period: 2016-08-17 00:00-23:59 UTC
total number of suspected botnet IPs: 2860
number of botnet IPs notified to network operators: 2724
number of spam blocked: 28081
recipient count of spam blocked: 756478

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET856
2WASU454
3CHINANET-JS336
4CHINANET-AH219
5CHINANET-HN86
6CHINANET-HB80
7CHINANET-SD79
8CHINANET-ZJ-QZ67
9UNICOM-ZJ66
10UNICOM-JS33

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China1534
2Taiwan859
3India170
4Viet Nam54
5Iran33
6Turkey25
7Pakistan22
8Bangladesh13
9Mexico10
10Indonesia10

Wednesday, August 17, 2016

Suspected Bot List [2016-08-16]

detection period: 2016-08-16 00:00-23:59 UTC
number of suspected bots' IPs listed here: 100

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
AR186.138.82.138Argentina
GB163.172.14.71United Kingdom
PL185.125.4.236Poland

List from greylisting:

Botnet Statistics [2016-08-16]

detection period: 2016-08-16 00:00-23:59 UTC
total number of suspected botnet IPs: 2428
number of botnet IPs notified to network operators: 2328
number of spam blocked: 31515
recipient count of spam blocked: 747645

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET776
2WASU430
3CHINANET-JS198
4CHINANET-AH136
5UNICOM-ZJ70
6CHINANET-HB68
7CHINANET-HN66
8CHINANET-SD62
9CHINANET-ZJ-QZ52
10CMNET34

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China1273
2Taiwan778
3India148
4Viet Nam26
5Iran24
6Pakistan18
7Indonesia15
8Turkey13
9Bangladesh12
10Mexico10

Tuesday, August 16, 2016

Suspected Bot List [2016-08-15]

detection period: 2016-08-15 00:00-23:59 UTC
number of suspected bots' IPs listed here: 112

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
PL185.125.4.236Poland

List from greylisting:

Botnet Statistics [2016-08-15]

detection period: 2016-08-15 00:00-23:59 UTC
total number of suspected botnet IPs: 2287
number of botnet IPs notified to network operators: 2175
number of spam blocked: 27729
recipient count of spam blocked: 725274

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET758
2WASU432
3CHINANET-HN94
4CHINANET-JS83
5UNICOM-ZJ72
6CHINANET-SD66
7MSFT65
8UNICOM-JS40
9VNPT-VNNIC-VN38
10CHINANET-ZJ-QZ32

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China986
2Taiwan759
3India87
4Viet Nam83
5United States72
6Iran36
7Turkey22
8Indonesia19
9Pakistan18
10Brazil16

Monday, August 15, 2016

Suspected Bots' IP List for July 2016

To encourage cyber security information sharing (as some form of open data) while still giving victims enough time to clean up their computers, the IP list of suspected infected computers will be released here (as shown below). You are free to use them to create more effective defenses, discover latest trends in cyber attacks, etc.

Suspected Bots IP [2016-07-01]
Suspected Bots IP [2016-07-02]
Suspected Bots IP [2016-07-03]
Suspected Bots IP [2016-07-04]
Suspected Bots IP [2016-07-05]
Suspected Bots IP [2016-07-06]
Suspected Bots IP [2016-07-07]
Suspected Bots IP [2016-07-08]
Suspected Bots IP [2016-07-09]
Suspected Bots IP [2016-07-10]
Suspected Bots IP [2016-07-11]
Suspected Bots IP [2016-07-12]
Suspected Bots IP [2016-07-13]
Suspected Bots IP [2016-07-14]
Suspected Bots IP [2016-07-15]
Suspected Bots IP [2016-07-16]
Suspected Bots IP [2016-07-17]
Suspected Bots IP [2016-07-18]
Suspected Bots IP [2016-07-19]
Suspected Bots IP [2016-07-20]
Suspected Bots IP [2016-07-21]
Suspected Bots IP [2016-07-22]
Suspected Bots IP [2016-07-23]
Suspected Bots IP [2016-07-24]
Suspected Bots IP [2016-07-25]
Suspected Bots IP [2016-07-26]
Suspected Bots IP [2016-07-27]
Suspected Bots IP [2016-07-28]
Suspected Bots IP [2016-07-29]
Suspected Bots IP [2016-07-30]
Suspected Bots IP [2016-07-31]

Suspected Bot List [2016-08-14]

detection period: 2016-08-14 00:00-23:59 UTC
number of suspected bots' IPs listed here: 19

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:

Botnet Statistics [2016-08-14]

detection period: 2016-08-14 00:00-23:59 UTC
total number of suspected botnet IPs: 1169
number of botnet IPs notified to network operators: 1150
number of spam blocked: 44538
recipient count of spam blocked: 406509

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET385
2WASU221
3CHINANET-SD77
4CHINANET-AH55
5CHINANET-JS53
6UNICOM-ZJ40
7CHINANET-HN39
8CMNET28
9CHINANET-HB26
10CHINANET-ZJ-QZ23

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China633
2Taiwan400
3United States19
4Viet Nam18
5India13
6Brazil8
7Mexico7
8Iran6
9Peru5
10Indonesia5

Sunday, August 14, 2016

Botnet Statistics for July 2016

detection period: 2016-07-01 00:00 - 2016-07-31 23:59 UTC
total number of suspected botnet IPs: 30923
number of blocked spams: 291037
recipient count of blocked spams: 519810

The top 25 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China10060
2Taiwan5683
3Viet Nam2363
4India2344
5Mexico1484
6Brazil694
7Iran692
8Peru679
9Turkey531
10Colombia443
11Indonesia338
12Pakistan318
13United States312
14Philippines288
15Venezuela215
16Tunisia209
17Argentina183
18Arab Emirates180
19Saudi Arabia174
20Thailand158
21Italy145
22Bangladesh137
23Russian Federation128
24Bolivia118
25Romania116

The top 25 countries (as defined by the 2-character country code), ordered by number of blocked spams are:

RankCountry# of blocked spams
1United States194408
2Brazil40010
3Poland26165
4Taiwan13659
5China12571
6Thailand1190
7Germany881
8Mexico359
9Pakistan207
10Viet Nam200
11Colombia200
12Uruguay198
13Turkey140
14Argentina134
15France116
16Hong Kong111
17Peru89
18Indonesia70
19European Union69
20Chile63
21Ecuador56
22Bolivia56
23Ukraine44
24Venezuela18
25Occupied Palestinian Territory11

The top 25 countries (as defined by the 2-character country code), ordered by recipient count of blocked spams are:

Suspected Bot List [2016-08-13]

detection period: 2016-08-13 00:00-23:59 UTC
number of suspected bots' IPs listed here: 10

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
PL185.125.4.236Poland

List from greylisting:

Botnet Statistics [2016-08-13]

detection period: 2016-08-13 00:00-23:59 UTC
total number of suspected botnet IPs: 283
number of botnet IPs notified to network operators: 273
number of spam blocked: 5975
recipient count of spam blocked: 6052

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1SONET-NET60
2CHINANET-SD49
3CHINANET-AH20
4CMNET13
5VNPT-VNNIC-VN10
6CHINANET-JS10
7CHINANET-GD8
8MSFT6
9CHINANET-ZJ-QZ4
10CHINANET-ZJ-JH4

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China142
2Taiwan62
3Viet Nam17
4United States17
5India7
6Mexico5
7Hong Kong4
8Romania3
9Ukraine2
10France2

Saturday, August 13, 2016

Suspected Bot List [2016-08-12]

detection period: 2016-08-12 00:00-23:59 UTC
number of suspected bots' IPs listed here: 48

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:

Botnet Statistics [2016-08-12]

detection period: 2016-08-12 00:00-23:59 UTC
total number of suspected botnet IPs: 885
number of botnet IPs notified to network operators: 837
number of spam blocked: 586
recipient count of spam blocked: 1324

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1WASU207
2SONET-NET91
3CHINANET-ZJ-JX39
4VNPT-VNNIC-VN37
5CHINANET-HN35
6UNICOM-ZJ31
7MSFT19
8CMNET17
9CHINANET-HA14
10UNICOM-JS13

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China475
2Taiwan99
3Viet Nam91
4India68
5United States27
6Indonesia12
7Brazil12
8Turkey9
9Pakistan8
10Romania6

Friday, August 12, 2016

Suspected Bot List [2016-08-11]

detection period: 2016-08-11 00:00-23:59 UTC
number of suspected bots' IPs listed here: 119

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
PL185.125.4.236Poland
TR88.247.23.135Turkey

List from greylisting:

Botnet Statistics [2016-08-11]

detection period: 2016-08-11 00:00-23:59 UTC
total number of suspected botnet IPs: 1536
number of botnet IPs notified to network operators: 1417
number of spam blocked: 5634
recipient count of spam blocked: 10121

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1WASU411
2SONET-NET140
3CHINANET-HN86
4UNICOM-ZJ72
5HINET-NET57
6CMNET50
7CHINANET-JS48
8VNPT-VNNIC-VN32
9WASU-BB30
10NorthStar29

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China947
2Taiwan198
3India104
4Viet Nam52
5Turkey24
6United States21
7Iran17
8Brazil16
9Indonesia13
10Bangladesh8

Thursday, August 11, 2016

Suspected Bot List [2016-08-10]

detection period: 2016-08-10 00:00-23:59 UTC
number of suspected bots' IPs listed here: 186

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
AR186.57.39.15Argentina
AR186.138.82.138Argentina
GB163.172.14.71United Kingdom
PL185.125.4.236Poland
US68.115.149.54United States

List from greylisting:

Botnet Statistics [2016-08-10]

detection period: 2016-08-10 00:00-23:59 UTC
total number of suspected botnet IPs: 2125
number of botnet IPs notified to network operators: 1939
number of spam blocked: 7166
recipient count of spam blocked: 27118

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1WASU430
2SONET-NET159
3CHINANET-HN102
4UNICOM-ZJ75
5VNPT-VNNIC-VN64
6HINET-NET59
7CHINANET-HA54
8VE-CSVE-LACNIC37
9UNICOM-JS37
10CHINANET-JS34

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China1016
2Taiwan220
3Viet Nam130
4India117
5Mexico83
6Brazil47
7Peru40
8Venezuela37
9Iran32
10Colombia31

Wednesday, August 10, 2016

Suspected Bot List [2016-08-09]

detection period: 2016-08-09 00:00-23:59 UTC
number of suspected bots' IPs listed here: 289

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
AL80.78.76.185Albania
AR186.57.39.15Argentina
AR186.57.70.59Argentina
AR190.108.35.2Argentina
AR200.41.235.90Argentina
BO186.27.126.130Bolivia
DZ193.194.69.36Algeria
EG41.33.230.227Egypt
EG41.33.238.170Egypt
ID202.61.126.62Indonesia
IN114.79.132.135India
IN114.79.160.30India
IN125.16.12.146India
IN125.16.240.197India
IN125.19.78.60India
IN203.192.212.52India
IN223.196.86.215India
IN223.196.86.227India
KZ213.157.57.102Kazakhstan
MU80.67.128.17Mauritius
MU80.67.128.19Mauritius
MU80.67.128.24Mauritius
MU80.67.128.38Mauritius
MU80.67.128.51Mauritius
MU80.67.128.89Mauritius
MU80.67.128.100Mauritius
MX200.94.17.241Mexico
PH122.53.178.100Philippines
TR78.186.4.165Turkey
TR78.187.38.187Turkey
TR78.188.86.146Turkey
TR78.188.217.164Turkey
TR78.189.128.103Turkey
TR78.189.160.21Turkey
TR85.105.33.188Turkey
TR85.105.147.174Turkey
TR88.225.216.167Turkey
TR88.247.23.135Turkey
TR88.247.56.225Turkey
TR88.249.25.2Turkey
TR88.249.25.132Turkey
TR88.249.43.114Turkey
TR88.249.84.49Turkey
TR91.191.173.134Turkey
US24.196.69.180United States
US68.115.149.54United States
ZA196.46.23.122South Africa

List from greylisting:

Botnet Statistics [2016-08-09]

detection period: 2016-08-09 00:00-23:59 UTC
total number of suspected botnet IPs: 3045
number of botnet IPs notified to network operators: 2757
number of spam blocked: 8522
recipient count of spam blocked: 191711

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1WASU328
2SONET-NET199
3CHINANET-HA157
4HINET-NET127
5CNCITYNET91
6CHINANET-HN77
7VNPT-VNNIC-VN75
8CMNET72
9CHINANET-JS71
10UNICOM-ZJ66

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China1365
2Taiwan389
3India238
4Viet Nam150
5Mexico79
6Turkey73
7Brazil61
8United States57
9Peru44
10Russian Federation42

Tuesday, August 9, 2016

Suspected Bot List [2016-08-08]

detection period: 2016-08-08 00:00-23:59 UTC
number of suspected bots' IPs listed here: 162

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
PL185.125.4.236Poland

List from greylisting:

Botnet Statistics [2016-08-08]

detection period: 2016-08-08 00:00-23:59 UTC
total number of suspected botnet IPs: 1634
number of botnet IPs notified to network operators: 1472
number of spam blocked: 4114
recipient count of spam blocked: 5217

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1WASU387
2CHINANET-HA156
3SONET-NET82
4UNICOM-ZJ72
5CHINANET-HN64
6VNPT-VNNIC-VN43
7CMNET42
8CHINANET-ZJ37
9BHARTI-IN37
10CHINANET-JS32

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China962
2India119
3Taiwan100
4Viet Nam66
5Mexico58
6Turkey36
7Brazil24
8Venezuela19
9Iran19
10Peru18

Monday, August 8, 2016

Suspected Bot List [2016-08-07]

detection period: 2016-08-07 00:00-23:59 UTC
number of suspected bots' IPs listed here: 5

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:

Botnet Statistics [2016-08-07]

detection period: 2016-08-07 00:00-23:59 UTC
total number of suspected botnet IPs: 734
number of botnet IPs notified to network operators: 729
number of spam blocked: 752
recipient count of spam blocked: 1302

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1WASU364
2SONET-NET78
3CHINANET-HA39
4CHINANET-HN34
5CMNET30
6HINET-NET24
7CHINANET-ZJ-JX23
8CHINANET-ZJ22
9CHINANET-JS13
10UNICOM-JS11

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China602
2Taiwan102
3United States10
4South Korea4
5Turkey3
6Hong Kong3
7Russian Federation2
8Romania1
9Philippines1
10Iran1

Sunday, August 7, 2016

Suspected Bot List [2016-08-06]

detection period: 2016-08-06 00:00-23:59 UTC
number of suspected bots' IPs listed here: 7

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:

Botnet Statistics [2016-08-06]

detection period: 2016-08-06 00:00-23:59 UTC
total number of suspected botnet IPs: 331
number of botnet IPs notified to network operators: 324
number of spam blocked: 200
recipient count of spam blocked: 200

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1SONET-NET132
2WASU69
3HINET-NET32
4CMNET13
5CHINANET-GD7
6MSFT4
7CNCITYNET4
8tonghnetwork3
9CHINANET-ZJ3
10UNICOM-SD2

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1Taiwan164
2China132
3United States10
4Hong Kong5
5South Korea3
6UNKNOWN2
7Turkey2
8Russian Federation2
9Germany2
10Sweden1

Saturday, August 6, 2016

Suspected Bot List [2016-08-05]

detection period: 2016-08-05 00:00-23:59 UTC
number of suspected bots' IPs listed here: 58

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:

Botnet Statistics [2016-08-05]

detection period: 2016-08-05 00:00-23:59 UTC
total number of suspected botnet IPs: 687
number of botnet IPs notified to network operators: 629
number of spam blocked: 227
recipient count of spam blocked: 227

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1WASU128
2SONET-NET117
3HINET-NET40
4VNPT-VNNIC-VN30
5UNICOM-ZJ27
6BSNLNET17
7CMNET12
8NorthStar11
9CHINANET-GD11
10UNICOM-JS9

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China270
2Taiwan159
3India65
4Viet Nam59
5Turkey11
6Mexico11
7United States9
8Pakistan9
9Iran7
10Indonesia7

Friday, August 5, 2016

Suspected Bot List [2016-08-04]

detection period: 2016-08-04 00:00-23:59 UTC
number of suspected bots' IPs listed here: 124

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:

Botnet Statistics [2016-08-04]

detection period: 2016-08-04 00:00-23:59 UTC
total number of suspected botnet IPs: 1510
number of botnet IPs notified to network operators: 1386
number of spam blocked: 602
recipient count of spam blocked: 602

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1WASU374
2HINET-NET141
3SONET-NET96
4UNICOM-ZJ65
5VNPT-VNNIC-VN47
6CHINANET-JS36
7UNICOM-JS32
8MX-USCV4-LACNIC26
9WASU-BB25
10TVNET19

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China657
2Taiwan241
3Viet Nam97
4India75
5Mexico60
6Brazil40
7Turkey27
8Iran23
9Peru20
10Argentina18

Thursday, August 4, 2016

Suspected Bot List [2016-08-03]

detection period: 2016-08-03 00:00-23:59 UTC
number of suspected bots' IPs listed here: 88

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:

Botnet Statistics [2016-08-03]

detection period: 2016-08-03 00:00-23:59 UTC
total number of suspected botnet IPs: 1268
number of botnet IPs notified to network operators: 1180
number of spam blocked: 1505
recipient count of spam blocked: 2562

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1WASU310
2HINET-NET136
3SONET-NET115
4UNICOM-ZJ88
5CHINANET-HN51
6CHINANET-JS49
7NorthStar30
8UNICOM-JS28
9WASU-BB25
10VNPT-VNNIC-VN15

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China665
2Taiwan251
3India81
4Viet Nam28
5Mexico27
6Iran18
7Turkey17
8Brazil13
9Venezuela12
10Peru10

Wednesday, August 3, 2016

Suspected Bot List [2016-08-02]

detection period: 2016-08-02 00:00-23:59 UTC
number of suspected bots' IPs listed here: 52

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
AR186.57.25.247Argentina

List from greylisting:

Botnet Statistics [2016-08-02]

detection period: 2016-08-02 00:00-23:59 UTC
total number of suspected botnet IPs: 1353
number of botnet IPs notified to network operators: 1301
number of spam blocked: 2724
recipient count of spam blocked: 21081

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1WASU263
2HINET-NET201
3SONET-NET152
4CHINANET-HN129
5UNICOM-ZJ81
6UNICOM-JS39
7CHINANET-JS38
8VNPT-VNNIC-VN24
9WASU-BB23
10NorthStar22

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China694
2Taiwan353
3Viet Nam50
4Mexico28
5India25
6Peru18
7Brazil18
8Venezuela12
9United States12
10Iran12

Tuesday, August 2, 2016

Suspected Bot List [2016-08-01]

detection period: 2016-08-01 00:00-23:59 UTC
number of suspected bots' IPs listed here: 152

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:

Botnet Statistics [2016-08-01]

detection period: 2016-08-01 00:00-23:59 UTC
total number of suspected botnet IPs: 1744
number of botnet IPs notified to network operators: 1592
number of spam blocked: 3948
recipient count of spam blocked: 6584

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1WASU226
2HINET-NET186
3SONET-NET157
4CHINANET-HN122
5UNICOM-ZJ88
6VNPT-VNNIC-VN69
7CHINANET-JS45
8UNICOM-JS39
9WASU-BB35
10NorthStar27

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China677
2Taiwan345
3Viet Nam141
4India123
5Mexico48
6Brazil38
7Iran33
8Peru29
9Turkey24
10Venezuela20

Monday, August 1, 2016

Suspected Bot List [2016-07-31]

detection period: 2016-07-31 00:00-23:59 UTC
number of suspected bots' IPs listed here: 103

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
TW123.195.100.144Taiwan

List from greylisting:

Botnet Statistics [2016-07-31]

detection period: 2016-07-31 00:00-23:59 UTC
total number of suspected botnet IPs: 1246
number of botnet IPs notified to network operators: 1143
number of spam blocked: 1488
recipient count of spam blocked: 3598

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET175
2SONET-NET157
3WASU124
4CHINANET-HN111
5UNICOM-ZJ69
6WASU-BB34
7VNPT-VNNIC-VN32
8NorthStar22
9MX-USCV4-LACNIC17
10BSNLNET16

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China434
2Taiwan334
3Viet Nam77
4India56
5Mexico37
6Peru31
7Iran26
8Brazil20
9Turkey19
10Arab Emirates14