Custom Search

Friday, September 30, 2016

Suspected Bot List [2016-09-29]

detection period: 2016-09-29 00:00-23:59 UTC
number of suspected bots' IPs listed here: 1

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
PL185.125.4.152Poland

List from greylisting:

Botnet Statistics [2016-09-29]

detection period: 2016-09-29 00:00-23:59 UTC
total number of suspected botnet IPs: 1215
number of botnet IPs notified to network operators: 1214
number of spam blocked: 44850
recipient count of spam blocked: 1187112

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET1009
2CHINANET-HN190
3CHINANET-JS9
4CHINANET-SD4
5PL-ZFIX-201511051
6IR-DCC-200104031
7CBC-CM-51

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1Taiwan1009
2China203
3United States1
4Poland1
5Iran1

Thursday, September 29, 2016

Suspected Bot List [2016-09-28]

detection period: 2016-09-28 00:00-23:59 UTC
number of suspected bots' IPs listed here: 2

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
PL185.125.4.152Poland

List from greylisting:

Botnet Statistics [2016-09-28]

detection period: 2016-09-28 00:00-23:59 UTC
total number of suspected botnet IPs: 1204
number of botnet IPs notified to network operators: 1202
number of spam blocked: 49795
recipient count of spam blocked: 1298507

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET1000
2CHINANET-HN184
3CHINANET-SD9
4CHINANET-JS9
5PL-ZFIX-201511051
6HN-HOND-LACNIC1

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1Taiwan1000
2China202
3Poland1
4Honduras1

Wednesday, September 28, 2016

Suspected Bot List [2016-09-27]

detection period: 2016-09-27 00:00-23:59 UTC
number of suspected bots' IPs listed here: 0

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:

Botnet Statistics [2016-09-27]

detection period: 2016-09-27 00:00-23:59 UTC
total number of suspected botnet IPs: 1167
number of botnet IPs notified to network operators: 1167
number of spam blocked: 48072
recipient count of spam blocked: 1264960

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET985
2CHINANET-HN166
3CHINANET-JS9
4CHINANET-SD5
5PL-ZFIX-201511051
6ARUBA-NET1

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1Taiwan985
2China180
3Poland1
4Italy1

Tuesday, September 27, 2016

Suspected Bot List [2016-09-26]

detection period: 2016-09-26 00:00-23:59 UTC
number of suspected bots' IPs listed here: 49

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
PH121.54.44.166Philippines

List from greylisting:

Botnet Statistics [2016-09-26]

detection period: 2016-09-26 00:00-23:59 UTC
total number of suspected botnet IPs: 1314
number of botnet IPs notified to network operators: 1265
number of spam blocked: 45985
recipient count of spam blocked: 1312516

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET954
2CHINANET-HN133
3VNPT-VNNIC-VN29
4BSNLNET12
5CHINANET-JS8
6PE-PETD2-LACNIC7
7CHINANET-HB6
8BHARTI-IN6
9BB-Multiplay6
10VIETEL-VNNIC-VN5

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1Taiwan954
2China149
3India51
4Viet Nam46
5Mexico11
6Brazil10
7Peru9
8Iran8
9Indonesia7
10Philippines6

Monday, September 26, 2016

Suspected Bot List [2016-09-25]

detection period: 2016-09-25 00:00-23:59 UTC
number of suspected bots' IPs listed here: 55

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
PH121.54.44.152Philippines

List from greylisting:

Botnet Statistics [2016-09-25]

detection period: 2016-09-25 00:00-23:59 UTC
total number of suspected botnet IPs: 1475
number of botnet IPs notified to network operators: 1420
number of spam blocked: 45449
recipient count of spam blocked: 1268590

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET1082
2CHINANET-HN71
3VNPT-VNNIC-VN28
4CHINANET-AH18
5CHINANET-HB13
6MX-USCV4-LACNIC10
7UNICOM-NM9
8VIETEL-VNNIC-VN8
9CHINANET-ZJ-NB8
10CHINANET-SD8

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1Taiwan1082
2China151
3Viet Nam57
4India37
5Mexico21
6Brazil11
7Iran9
8Argentina9
9Colombia8
10Turkey7

Sunday, September 25, 2016

Suspected Bot List [2016-09-24]

detection period: 2016-09-24 00:00-23:59 UTC
number of suspected bots' IPs listed here: 0

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:

Botnet Statistics [2016-09-24]

detection period: 2016-09-24 00:00-23:59 UTC
total number of suspected botnet IPs: 1040
number of botnet IPs notified to network operators: 1040
number of spam blocked: 46180
recipient count of spam blocked: 1318051

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET1009
2CHINANET-JS7
3UNICOM-NM5
4CHINANET-HB4
5CHINANET-AH4
6CHINANET-ZJ-NB2
7CHINANET-HN2
8CHINANET-HA2
9UNICOM-JX1
10MAINT-CHINANET-HA1

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1Taiwan1009
2China30
3Italy1

Saturday, September 24, 2016

Suspected Bot List [2016-09-23]

detection period: 2016-09-23 00:00-23:59 UTC
number of suspected bots' IPs listed here: 0

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:

Botnet Statistics [2016-09-23]

detection period: 2016-09-23 00:00-23:59 UTC
total number of suspected botnet IPs: 210
number of botnet IPs notified to network operators: 210
number of spam blocked: 10985
recipient count of spam blocked: 319145

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET188
2CHINANET-JS8
3CHINANET-HN7
4CHINANET-QH2
5TELSTRAINTERNET47-AU1
6LB-LB-ACTEL-200806061
7ETPI1
8CBC-CM-51
9ARUBA-NET1

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1Taiwan188
2China17
3United States1
4Philippines1
5Lebanon1
6Italy1
7Australia1

Friday, September 23, 2016

Suspected Bot List [2016-09-22]

detection period: 2016-09-22 00:00-23:59 UTC
number of suspected bots' IPs listed here: 21

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:

Botnet Statistics [2016-09-22]

detection period: 2016-09-22 00:00-23:59 UTC
total number of suspected botnet IPs: 286
number of botnet IPs notified to network operators: 265
number of spam blocked: 1880
recipient count of spam blocked: 2330

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1CHINANET-HN145
2CHINANET-AH10
3CHINANET-JS9
4VNPT-VNNIC-VN7
5CHINANET-QH6
6MX-USCV4-LACNIC5
7CHINANET-HB5
8UNICOM-NM4
9BSNLNET4
10VIETEL-VNNIC-VN3

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China187
2India18
3Viet Nam15
4Mexico10
5Peru5
6Iran5
7Brazil5
8Turkey3
9Indonesia3
10Bangladesh3

Thursday, September 22, 2016

Suspected Bot List [2016-09-21]

detection period: 2016-09-21 00:00-23:59 UTC
number of suspected bots' IPs listed here: 42

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
PH121.54.44.135Philippines

List from greylisting:

Botnet Statistics [2016-09-21]

detection period: 2016-09-21 00:00-23:59 UTC
total number of suspected botnet IPs: 331
number of botnet IPs notified to network operators: 289
number of spam blocked: 1796
recipient count of spam blocked: 2352

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1CHINANET-HN140
2VNPT-VNNIC-VN25
3ETC-VNNIC-VN8
4BSNLNET7
5BHARTI-IN7
6CHINANET-HB5
7CHINANET-AH5
8UNICOM-NM4
9VIETEL-VNNIC-VN3
10VIETEL-VN3

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China165
2Viet Nam46
3India34
4Mexico9
5Turkey5
6Peru5
7Saudi Arabia4
8Thailand3
9Brazil3
10Argentina3

Wednesday, September 21, 2016

Suspected Bot List [2016-09-20]

detection period: 2016-09-20 00:00-23:59 UTC
number of suspected bots' IPs listed here: 34

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:

Botnet Statistics [2016-09-20]

detection period: 2016-09-20 00:00-23:59 UTC
total number of suspected botnet IPs: 644
number of botnet IPs notified to network operators: 610
number of spam blocked: 10799
recipient count of spam blocked: 272741

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET339
2CHINANET-HN131
3VNPT-VNNIC-VN24
4MX-USCV4-LACNIC14
5ETC-VNNIC-VN6
6VIETEL-VNNIC-VN5
7PE-PETD2-LACNIC4
8FPT-VN4
9CHINANET-JS4
10BO-COLT-LACNIC4

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1Taiwan339
2China136
3Viet Nam46
4Mexico27
5India18
6Turkey8
7Colombia8
8Brazil7
9Thailand5
10Peru5

Tuesday, September 20, 2016

Suspected Bot List [2016-09-19]

detection period: 2016-09-19 00:00-23:59 UTC
number of suspected bots' IPs listed here: 144

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:

Botnet Statistics [2016-09-19]

detection period: 2016-09-19 00:00-23:59 UTC
total number of suspected botnet IPs: 1650
number of botnet IPs notified to network operators: 1506
number of spam blocked: 34115
recipient count of spam blocked: 961565

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET854
2CHINANET-HN142
3VNPT-VNNIC-VN47
4MX-USCV4-LACNIC31
5BSNLNET23
6VIETEL-VNNIC-VN13
7BB-Multiplay12
8VE-CSVE-LACNIC11
9PE-PETD2-LACNIC10
10ABTS-DSl-DEL10

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1Taiwan855
2China147
3India115
4Viet Nam101
5Mexico79
6Brazil32
7Colombia28
8Peru26
9Turkey24
10Iran19

Monday, September 19, 2016

Suspected Bots' IP List for August 2016

To encourage cyber security information sharing (as some form of open data) while still giving victims enough time to clean up their computers, the IP list of suspected infected computers will be released here (as shown below). You are free to use them to create more effective defenses, discover latest trends in cyber attacks, etc.

Suspected Bots IP [2016-08-01]
Suspected Bots IP [2016-08-02]
Suspected Bots IP [2016-08-03]
Suspected Bots IP [2016-08-04]
Suspected Bots IP [2016-08-05]
Suspected Bots IP [2016-08-06]
Suspected Bots IP [2016-08-07]
Suspected Bots IP [2016-08-08]
Suspected Bots IP [2016-08-09]
Suspected Bots IP [2016-08-10]
Suspected Bots IP [2016-08-11]
Suspected Bots IP [2016-08-12]
Suspected Bots IP [2016-08-13]
Suspected Bots IP [2016-08-14]
Suspected Bots IP [2016-08-15]
Suspected Bots IP [2016-08-16]
Suspected Bots IP [2016-08-17]
Suspected Bots IP [2016-08-18]
Suspected Bots IP [2016-08-19]
Suspected Bots IP [2016-08-20]
Suspected Bots IP [2016-08-21]
Suspected Bots IP [2016-08-22]
Suspected Bots IP [2016-08-23]
Suspected Bots IP [2016-08-24]
Suspected Bots IP [2016-08-25]
Suspected Bots IP [2016-08-26]
Suspected Bots IP [2016-08-27]
Suspected Bots IP [2016-08-28]
Suspected Bots IP [2016-08-29]
Suspected Bots IP [2016-08-30]

Suspected Bot List [2016-09-18]

detection period: 2016-09-18 00:00-23:59 UTC
number of suspected bots' IPs listed here: 18

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:

Botnet Statistics [2016-09-18]

detection period: 2016-09-18 00:00-23:59 UTC
total number of suspected botnet IPs: 1077
number of botnet IPs notified to network operators: 1059
number of spam blocked: 33750
recipient count of spam blocked: 935959

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET866
2CHINANET-HN130
3VNPT-VNNIC-VN3
4VE-CSVE-LACNIC3
5PE-PETD2-LACNIC3
6MX-USCV4-LACNIC2
7KCABLE2
8IPG2
9CO-CTSE-LACNIC2
10CHINANET-JS2

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1Taiwan866
2China132
3India12
4Peru8
5Viet Nam6
6Venezuela4
7Brazil4
8Turkey3
9Saudi Arabia3
10Philippines3

Sunday, September 18, 2016

Suspected Bot List [2016-09-17]

detection period: 2016-09-17 00:00-23:59 UTC
number of suspected bots' IPs listed here: 0

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:

Botnet Statistics [2016-09-17]

detection period: 2016-09-17 00:00-23:59 UTC
total number of suspected botnet IPs: 611
number of botnet IPs notified to network operators: 611
number of spam blocked: 66727
recipient count of spam blocked: 1961619

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET535
2CHINANET-HN71
3CHINANET-JS3
4RACKRAY-EU-DC1
5ETPI1

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1Taiwan535
2China74
3Philippines1
4Lithuania1

Saturday, September 17, 2016

Suspected Bot List [2016-09-16]

detection period: 2016-09-16 00:00-23:59 UTC
number of suspected bots' IPs listed here: 46

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:

Botnet Statistics [2016-09-16]

detection period: 2016-09-16 00:00-23:59 UTC
total number of suspected botnet IPs: 241
number of botnet IPs notified to network operators: 195
number of spam blocked: 97587
recipient count of spam blocked: 2892361

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET53
2VNPT-VNNIC-VN13
3MX-USCV4-LACNIC10
4PTCLBB-PK5
5PE-TPSA-LACNIC5
6ETC-VNNIC-VN5
7CO-ACSA-LACNIC5
8BSNLNET5
9FPT-VN4
10MX-CTSC6-LACNIC3

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1Taiwan54
2India37
3Viet Nam29
4Mexico22
5Brazil10
6Peru9
7Turkey8
8Colombia7
9Iran6
10Pakistan5

Friday, September 16, 2016

Suspected Bot List [2016-09-15]

detection period: 2016-09-15 00:00-23:59 UTC
number of suspected bots' IPs listed here: 86

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
PL185.125.4.152Poland

List from greylisting:

Botnet Statistics [2016-09-15]

detection period: 2016-09-15 00:00-23:59 UTC
total number of suspected botnet IPs: 492
number of botnet IPs notified to network operators: 406
number of spam blocked: 102290
recipient count of spam blocked: 2864779

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET62
2VNPT-VNNIC-VN40
3MX-USCV4-LACNIC21
4CHINANET-SD12
5BSNLNET11
6BHARTI-IN10
7VIETEL-VNNIC-VN9
8FPT-VN8
9VE-CSVE-LACNIC7
10PTCLBB-PK6

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1Viet Nam73
2India64
3Taiwan62
4Mexico36
5Brazil22
6Peru21
7Colombia17
8China17
9Iran16
10Turkey14

Thursday, September 15, 2016

Suspected Bot List [2016-09-14]

detection period: 2016-09-14 00:00-23:59 UTC
number of suspected bots' IPs listed here: 257

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
PL185.125.4.152Poland

List from greylisting:

Botnet Statistics [2016-09-14]

detection period: 2016-09-14 00:00-23:59 UTC
total number of suspected botnet IPs: 1306
number of botnet IPs notified to network operators: 1049
number of spam blocked: 116721
recipient count of spam blocked: 3153516

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1VNPT-VNNIC-VN104
2HINET-NET87
3MX-USCV4-LACNIC50
4BSNLNET42
5CHINANET-HN41
6BHARTI-IN41
7ETC-VNNIC-VN26
8PE-TPSA-LACNIC25
9VIETEL-VNNIC-VN24
10VIETEL-VN19

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1India240
2Viet Nam224
3Mexico88
4Taiwan87
5Peru53
6China51
7Brazil47
8Iran43
9Turkey30
10Colombia29

Wednesday, September 14, 2016

Suspected Bot List [2016-09-13]

detection period: 2016-09-13 00:00-23:59 UTC
number of suspected bots' IPs listed here: 323

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
PL185.125.4.152Poland

List from greylisting:

Botnet Statistics [2016-09-13]

detection period: 2016-09-13 00:00-23:59 UTC
total number of suspected botnet IPs: 1910
number of botnet IPs notified to network operators: 1587
number of spam blocked: 114211
recipient count of spam blocked: 3011012

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1CHINANET-HN137
2VNPT-VNNIC-VN115
3MX-USCV4-LACNIC106
4HINET-NET67
5BSNLNET40
6PE-TPSA-LACNIC36
7VIETEL-VNNIC-VN35
8BHARTI-IN31
9VE-CSVE-LACNIC27
10FPT-VN24

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1India238
2Viet Nam237
3Mexico206
4China162
5Brazil117
6Peru104
7Colombia88
8Iran70
9Taiwan68
10Turkey37

Tuesday, September 13, 2016

Suspected Bot List [2016-09-12]

detection period: 2016-09-12 00:00-23:59 UTC
number of suspected bots' IPs listed here: 173

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
PL185.125.4.152Poland

List from greylisting:

Botnet Statistics [2016-09-12]

detection period: 2016-09-12 00:00-23:59 UTC
total number of suspected botnet IPs: 1101
number of botnet IPs notified to network operators: 928
number of spam blocked: 109725
recipient count of spam blocked: 2928353

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1CHINANET-HN144
2VNPT-VNNIC-VN76
3HINET-NET59
4CHINANET-JS44
5MX-USCV4-LACNIC41
6BSNLNET25
7FPT-VN22
8CHINANET-SD19
9BHARTI-IN19
10VIETEL-VNNIC-VN18

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China210
2Viet Nam162
3India136
4Mexico95
5Taiwan59
6Brazil49
7Peru38
8Colombia29
9Turkey22
10Iran21

Monday, September 12, 2016

Suspected Bot List [2016-09-11]

detection period: 2016-09-11 00:00-23:59 UTC
number of suspected bots' IPs listed here: 123

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:

Botnet Statistics [2016-09-11]

detection period: 2016-09-11 00:00-23:59 UTC
total number of suspected botnet IPs: 922
number of botnet IPs notified to network operators: 799
number of spam blocked: 98368
recipient count of spam blocked: 2860301

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1CHINANET-HN135
2CHINANET-SD60
3VNPT-VNNIC-VN57
4HINET-NET48
5CHINANET-JS34
6BSNLNET23
7MX-USCV4-LACNIC22
8FPT-VN19
9VIETEL-VN16
10PE-TPSA-LACNIC14

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China231
2Viet Nam138
3India96
4Taiwan48
5Mexico46
6Turkey28
7Iran27
8Peru24
9Brazil22
10Colombia20

Sunday, September 11, 2016

Suspected Bot List [2016-09-10]

detection period: 2016-09-10 00:00-23:59 UTC
number of suspected bots' IPs listed here: 127

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
AR186.138.82.138Argentina

List from greylisting:

Botnet Statistics [2016-09-10]

detection period: 2016-09-10 00:00-23:59 UTC
total number of suspected botnet IPs: 1012
number of botnet IPs notified to network operators: 885
number of spam blocked: 97464
recipient count of spam blocked: 2826551

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1CHINANET-HN146
2VNPT-VNNIC-VN82
3HINET-NET65
4CHINANET-JS59
5CHINANET-SD41
6MX-USCV4-LACNIC29
7BSNLNET21
8ETC-VNNIC-VN19
9BHARTI-IN19
10PE-TPSA-LACNIC17

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China254
2Viet Nam158
3India105
4Mexico70
5Taiwan68
6Peru44
7Brazil39
8Colombia23
9Turkey21
10Iran18

Saturday, September 10, 2016

Suspected Bot List [2016-09-09]

detection period: 2016-09-09 00:00-23:59 UTC
number of suspected bots' IPs listed here: 180

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
PL185.125.4.152Poland

List from greylisting:

Botnet Statistics [2016-09-09]

detection period: 2016-09-09 00:00-23:59 UTC
total number of suspected botnet IPs: 1130
number of botnet IPs notified to network operators: 950
number of spam blocked: 109268
recipient count of spam blocked: 2866048

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1CHINANET-HN151
2CHINANET-SD101
3VNPT-VNNIC-VN91
4HINET-NET57
5MX-USCV4-LACNIC32
6BSNLNET23
7VIETEL-VN19
8CHINANET-JS17
9VIETEL-VNNIC-VN16
10VE-CSVE-LACNIC16

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China273
2Viet Nam161
3India112
4Mexico74
5Taiwan58
6Brazil50
7Peru29
8Colombia27
9Turkey26
10Venezuela21

Friday, September 9, 2016

Suspected Bot List [2016-09-08]

detection period: 2016-09-08 00:00-23:59 UTC
number of suspected bots' IPs listed here: 175

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
PL185.125.4.152Poland

List from greylisting:

Botnet Statistics [2016-09-08]

detection period: 2016-09-08 00:00-23:59 UTC
total number of suspected botnet IPs: 1429
number of botnet IPs notified to network operators: 1254
number of spam blocked: 104595
recipient count of spam blocked: 2721087

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1CHINANET-SD276
2CHINANET-HN157
3VNPT-VNNIC-VN94
4HINET-NET61
5CHINANET-JS31
6MX-USCV4-LACNIC29
7BSNLNET29
8VIETEL-VN18
9VE-CSVE-LACNIC16
10PE-TPSA-LACNIC15

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China468
2Viet Nam168
3India148
4Mexico82
5Brazil63
6Taiwan61
7Turkey38
8Peru37
9Iran33
10Colombia27

Thursday, September 8, 2016

Suspected Bot List [2016-09-07]

detection period: 2016-09-07 00:00-23:59 UTC
number of suspected bots' IPs listed here: 215

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
AR186.18.206.138Argentina
AR186.138.82.138Argentina
PL185.125.4.236Poland

List from greylisting:

Botnet Statistics [2016-09-07]

detection period: 2016-09-07 00:00-23:59 UTC
total number of suspected botnet IPs: 1189
number of botnet IPs notified to network operators: 974
number of spam blocked: 103109
recipient count of spam blocked: 2762675

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1CHINANET-HN141
2VNPT-VNNIC-VN84
3HINET-NET64
4CHINANET-SD40
5CHINANET-JS36
6BSNLNET36
7MX-USCV4-LACNIC27
8FPT-VN18
9BHARTI-IN18
10PE-TPSA-LACNIC17

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China237
2Viet Nam155
3India149
4Mexico73
5Taiwan66
6Peru44
7Brazil38
8Turkey34
9Iran34
10Colombia30

Wednesday, September 7, 2016

Suspected Bot List [2016-09-06]

detection period: 2016-09-06 00:00-23:59 UTC
number of suspected bots' IPs listed here: 106

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
AR186.18.206.138Argentina
AR186.138.82.138Argentina
PL185.125.4.236Poland

List from greylisting:

Botnet Statistics [2016-09-06]

detection period: 2016-09-06 00:00-23:59 UTC
total number of suspected botnet IPs: 872
number of botnet IPs notified to network operators: 766
number of spam blocked: 89480
recipient count of spam blocked: 2502114

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1CHINANET-HN128
2HINET-NET71
3VNPT-VNNIC-VN66
4CHINANET-JS44
5MX-USCV4-LACNIC28
6CHINANET-SD25
7BSNLNET17
8ETC-VNNIC-VN14
9BHARTI-IN14
10VIETEL-VNNIC-VN13

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China226
2Viet Nam116
3India75
4Taiwan72
5Mexico52
6Brazil32
7Peru29
8Colombia27
9Turkey25
10Iran23

Tuesday, September 6, 2016

Suspected Bot List [2016-09-05]

detection period: 2016-09-05 00:00-23:59 UTC
number of suspected bots' IPs listed here: 110

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
PL185.125.4.236Poland

List from greylisting:

Botnet Statistics [2016-09-05]

detection period: 2016-09-05 00:00-23:59 UTC
total number of suspected botnet IPs: 734
number of botnet IPs notified to network operators: 624
number of spam blocked: 85658
recipient count of spam blocked: 2344987

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1CHINANET-HN109
2HINET-NET57
3VNPT-VNNIC-VN56
4CHINANET-JS32
5CHINANET-SD31
6MX-USCV4-LACNIC21
7BHARTI-IN12
8BSNLNET10
9VIETEL-VNNIC-VN9
10ETC-VNNIC-VN9

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China192
2Viet Nam94
3India70
4Taiwan57
5Mexico45
6Brazil29
7Turkey21
8Iran18
9Colombia18
10Peru17

Monday, September 5, 2016

Suspected Bot List [2016-09-04]

detection period: 2016-09-04 00:00-23:59 UTC
number of suspected bots' IPs listed here: 136

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
AR186.138.82.138Argentina

List from greylisting:

Botnet Statistics [2016-09-04]

detection period: 2016-09-04 00:00-23:59 UTC
total number of suspected botnet IPs: 928
number of botnet IPs notified to network operators: 792
number of spam blocked: 80708
recipient count of spam blocked: 2366027

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1VNPT-VNNIC-VN83
2HINET-NET65
3CHINANET-HN53
4CHINANET-SD47
5MX-USCV4-LACNIC25
6ETC-VNNIC-VN25
7BSNLNET23
8BHARTI-IN22
9FPT-VN18
10VIETEL-VNNIC-VN16

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1Viet Nam166
2China128
3India120
4Taiwan67
5Mexico48
6Iran31
7Brazil31
8Peru24
9Thailand23
10Colombia22

Sunday, September 4, 2016

Botnet Statistics for August 2016

detection period: 2016-08-01 00:00 - 2016-08-31 23:59 UTC
total number of suspected botnet IPs: 40100
number of blocked spams: 546780
recipient count of blocked spams: 12709564

The top 25 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China15749
2Taiwan12362
3India2544
4Viet Nam2009
5Mexico753
6Iran544
7Brazil522
8Turkey424
9United States344
10Peru321
11Indonesia293
12Colombia285
13Pakistan276
14Venezuela243
15Bangladesh173
16Thailand154
17Argentina152
18Philippines145
19Arab Emirates141
20Tunisia125
21Saudi Arabia125
22Romania98
23Russian Federation94
24South Korea89
25Italy85

The top 25 countries (as defined by the 2-character country code), ordered by number of blocked spams are:

RankCountry# of blocked spams
1Taiwan413531
2United States47790
3China41376
4Poland35587
5Germany3357
6Philippines712
7Thailand641
8France384
9South Korea355
10Mexico339
11Turkey303
12Argentina301
13Russian Federation300
14United Kingdom287
15Brazil200
16Viet Nam167
17India140
18Saudi Arabia116
19Hong Kong94
20Peru77
21Austria71
22Colombia65
23Iran64
24Indonesia51
25Ecuador49

The top 25 countries (as defined by the 2-character country code), ordered by recipient count of blocked spams are:

Suspected Bot List [2016-09-03]

detection period: 2016-09-03 00:00-23:59 UTC
number of suspected bots' IPs listed here: 105

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:

Botnet Statistics [2016-09-03]

detection period: 2016-09-03 00:00-23:59 UTC
total number of suspected botnet IPs: 520
number of botnet IPs notified to network operators: 415
number of spam blocked: 56432
recipient count of spam blocked: 1638092

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1CHINANET-SD37
2CHINANET-JS30
3MX-USCV4-LACNIC26
4VNPT-VNNIC-VN22
5HINET-NET13
6PE-PETD2-LACNIC11
7BSNLNET9
8CO-ACSA-LACNIC8
9BHARTI-IN8
10PE-TPSA-LACNIC7

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China81
2India52
3Mexico51
4Viet Nam43
5Peru32
6Colombia25
7Brazil24
8Iran15
9Taiwan13
10Pakistan11

Saturday, September 3, 2016

Suspected Bot List [2016-09-02]

detection period: 2016-09-02 00:00-23:59 UTC
number of suspected bots' IPs listed here: 166

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:

Botnet Statistics [2016-09-02]

detection period: 2016-09-02 00:00-23:59 UTC
total number of suspected botnet IPs: 1094
number of botnet IPs notified to network operators: 928
number of spam blocked: 73982
recipient count of spam blocked: 2180171

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1VNPT-VNNIC-VN65
2HINET-NET58
3CHINANET-JS33
4CHINANET-HN33
5BSNLNET29
6MX-USCV4-LACNIC24
7BHARTI-IN21
8CHINANET-AH20
9ETC-VNNIC-VN18
10VIETEL-VNNIC-VN17

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1India168
2Viet Nam154
3China151
4Mexico67
5Taiwan59
6Brazil57
7Peru37
8Colombia33
9Turkey31
10Iran24

Friday, September 2, 2016

Suspected Bot List [2016-09-01]

detection period: 2016-09-01 00:00-23:59 UTC
number of suspected bots' IPs listed here: 197

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:

Botnet Statistics [2016-09-01]

detection period: 2016-09-01 00:00-23:59 UTC
total number of suspected botnet IPs: 1296
number of botnet IPs notified to network operators: 1099
number of spam blocked: 90515
recipient count of spam blocked: 2640183

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1CHINANET-HN100
2VNPT-VNNIC-VN85
3HINET-NET57
4CHINANET-SD52
5MX-USCV4-LACNIC44
6VIETEL-VNNIC-VN24
7PE-TPSA-LACNIC22
8BSNLNET20
9BHARTI-IN19
10CO-ACSA-LACNIC17

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China234
2Viet Nam177
3India135
4Mexico96
5Brazil64
6Taiwan58
7Peru54
8Colombia47
9Turkey38
10Iran29

Thursday, September 1, 2016

Suspected Bot List [2016-08-31]

detection period: 2016-08-31 00:00-23:59 UTC
number of suspected bots' IPs listed here: 204

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
PL185.125.4.236Poland

List from greylisting:

Botnet Statistics [2016-08-31]

detection period: 2016-08-31 00:00-23:59 UTC
total number of suspected botnet IPs: 1592
number of botnet IPs notified to network operators: 1388
number of spam blocked: 96901
recipient count of spam blocked: 2629019

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1WASU178
2VNPT-VNNIC-VN122
3CHINANET-HN82
4CHINANET-SD79
5HINET-NET61
6MX-USCV4-LACNIC43
7BSNLNET40
8BHARTI-IN25
9ETC-VNNIC-VN22
10FPT-VN21

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China449
2Viet Nam225
3India168
4Mexico92
5Brazil67
6Taiwan62
7Peru43
8Colombia40
9Turkey35
10Iran34