Custom Search

Monday, October 31, 2016

Suspected Bot List [2016-10-30]

detection period: 2016-10-30 00:00-23:59 UTC
number of suspected bots' IPs listed here: 14

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
KH43.255.114.242Cambodia

List from greylisting:

Botnet Statistics [2016-10-30]

detection period: 2016-10-30 00:00-23:59 UTC
total number of suspected botnet IPs: 561
number of botnet IPs notified to network operators: 547
number of spam blocked: 4322
recipient count of spam blocked: 4606

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1WASU182
2CHINANET-HN137
3UNICOM-ZJ30
4CHINANET-JS27
5WASU-BB26
6UNICOM-JS26
7CMNET9
8VNPT-VNNIC-VN7
9HUNAN-CATV6
10CHINANET-ZJ5

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China478
2Viet Nam14
3United States8
4Russian Federation5
5India5
6Ukraine4
7Taiwan4
8Pakistan4
9Hong Kong4
10Thailand3

Sunday, October 30, 2016

Suspected Bot List [2016-10-29]

detection period: 2016-10-29 00:00-23:59 UTC
number of suspected bots' IPs listed here: 8

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
KH43.255.114.242Cambodia

List from greylisting:

Botnet Statistics [2016-10-29]

detection period: 2016-10-29 00:00-23:59 UTC
total number of suspected botnet IPs: 124
number of botnet IPs notified to network operators: 116
number of spam blocked: 8452
recipient count of spam blocked: 8469

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1CMNET6
2CHINANET-JS6
3HUNAN-CATV5
4CHINANET-ZJ4
5CHINANET-HN4
6broadNnet-KR3
7VNPT-VNNIC-VN3
8UNICOM-TJ3
9CHINANET-SH3
10WEST2632

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China51
2United States8
3Brazil6
4Viet Nam4
5Russian Federation4
6South Korea4
7United Kingdom4
8Romania3
9Iran3
10India3

Saturday, October 29, 2016

Suspected Bot List [2016-10-28]

detection period: 2016-10-28 00:00-23:59 UTC
number of suspected bots' IPs listed here: 79

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
KH43.255.114.242Cambodia

List from greylisting:

Botnet Statistics [2016-10-28]

detection period: 2016-10-28 00:00-23:59 UTC
total number of suspected botnet IPs: 973
number of botnet IPs notified to network operators: 894
number of spam blocked: 6141
recipient count of spam blocked: 6729

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1WASU361
2CHINANET-HN143
3CHINANET-JS28
4VNPT-VNNIC-VN23
5BSNLNET18
6BHARTI-IN18
7UNICOM-ZJ17
8WASU-BB14
9FPT-VN11
10VIETEL-VNNIC-VN10

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China621
2India89
3Viet Nam61
4Iran17
5Brazil17
6Pakistan13
7Turkey12
8Mexico9
9Russian Federation8
10Indonesia7

Friday, October 28, 2016

Suspected Bot List [2016-10-27]

detection period: 2016-10-27 00:00-23:59 UTC
number of suspected bots' IPs listed here: 53

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
KH43.255.114.242Cambodia

List from greylisting:

Botnet Statistics [2016-10-27]

detection period: 2016-10-27 00:00-23:59 UTC
total number of suspected botnet IPs: 1301
number of botnet IPs notified to network operators: 1248
number of spam blocked: 8001
recipient count of spam blocked: 8546

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1WASU514
2CHINANET-HN164
3UNICOM-ZJ86
4CHINANET-JS58
5UNICOM-JS50
6WASU-BB39
7BSNLNET19
8VNPT-VNNIC-VN16
9BHARTI-IN14
10VIETEL-VNNIC-VN7

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China963
2India86
3Viet Nam39
4Iran15
5Brazil15
6Turkey13
7Mexico12
8United States10
9Pakistan10
10Indonesia8

Thursday, October 27, 2016

Suspected Bot List [2016-10-26]

detection period: 2016-10-26 00:00-23:59 UTC
number of suspected bots' IPs listed here: 40

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
KH43.255.114.242Cambodia

List from greylisting:

Botnet Statistics [2016-10-26]

detection period: 2016-10-26 00:00-23:59 UTC
total number of suspected botnet IPs: 1084
number of botnet IPs notified to network operators: 1044
number of spam blocked: 7148
recipient count of spam blocked: 7378

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1WASU441
2CHINANET-HN176
3UNICOM-ZJ97
4CHINANET-JS54
5UNICOM-JS35
6WASU-BB28
7BHARTI-IN12
8VNPT-VNNIC-VN11
9BSNLNET11
10VIETEL-VNNIC-VN7

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China882
2India58
3Viet Nam24
4Russian Federation15
5United States11
6Turkey7
7Iran7
8Pakistan6
9Thailand4
10Serbia3

Wednesday, October 26, 2016

Suspected Bot List [2016-10-25]

detection period: 2016-10-25 00:00-23:59 UTC
number of suspected bots' IPs listed here: 32

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
KH43.255.114.242Cambodia
PL185.125.4.152Poland

List from greylisting:

Botnet Statistics [2016-10-25]

detection period: 2016-10-25 00:00-23:59 UTC
total number of suspected botnet IPs: 1091
number of botnet IPs notified to network operators: 1059
number of spam blocked: 7325
recipient count of spam blocked: 8144

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1WASU499
2CHINANET-HN146
3UNICOM-ZJ65
4CHINANET-JS54
5UNICOM-JS50
6WASU-BB22
7CMNET17
8VNPT-VNNIC-VN10
9VIETEL-VNNIC-VN7
10VIETEL-VN7

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China901
2Viet Nam31
3India30
4Brazil10
5Pakistan7
6Mexico7
7Iran7
8Turkey6
9United States5
10Russian Federation5

Tuesday, October 25, 2016

Suspected Bot List [2016-10-24]

detection period: 2016-10-24 00:00-23:59 UTC
number of suspected bots' IPs listed here: 50

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
KH43.255.114.242Cambodia
SE83.209.97.130Sweden
US24.75.175.57United States
US64.53.118.218United States
US66.172.212.225United States
US68.179.186.14United States
US69.145.139.25United States
US69.146.53.153United States
US74.129.250.178United States
US74.131.166.221United States
US165.166.197.106United States
US165.166.211.121United States
US204.116.166.46United States
US206.74.30.73United States
US207.144.226.206United States

List from greylisting:

Botnet Statistics [2016-10-24]

detection period: 2016-10-24 00:00-23:59 UTC
total number of suspected botnet IPs: 1496
number of botnet IPs notified to network operators: 1446
number of spam blocked: 5786
recipient count of spam blocked: 6186

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1WASU534
2CHINANET-HN147
3UNICOM-ZJ103
4CHINANET-JS44
5UNICOM-JS40
6WASU-BB21
7BSNLNET11
8CDELIGHTBAND10
9VNPT-VNNIC-VN9
10HUNAN-CATV9

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China979
2United States250
3India57
4Sweden26
5Viet Nam25
6Ukraine10
7Russian Federation10
8Iran10
9Mexico8
10Bangladesh8

Monday, October 24, 2016

Suspected Bot List [2016-10-23]

detection period: 2016-10-23 00:00-23:59 UTC
number of suspected bots' IPs listed here: 9

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
KH43.255.114.242Cambodia

List from greylisting:

Botnet Statistics [2016-10-23]

detection period: 2016-10-23 00:00-23:59 UTC
total number of suspected botnet IPs: 592
number of botnet IPs notified to network operators: 583
number of spam blocked: 2623
recipient count of spam blocked: 2915

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1WASU222
2CHINANET-HN123
3UNICOM-ZJ59
4WASU-BB25
5UNICOM-JS18
6CHINANET-ZJ-HZ11
7HUNAN-CATV10
8CMNET8
9CHINANET-JS6
10Chinafic5

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China537
2Viet Nam8
3Russian Federation5
4India5
5Bangladesh5
6Thailand2
7Kazakhstan2
8Japan2
9Iran2
10United Kingdom2

Sunday, October 23, 2016

Suspected Bot List [2016-10-22]

detection period: 2016-10-22 00:00-23:59 UTC
number of suspected bots' IPs listed here: 15

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
KH43.255.114.242Cambodia

List from greylisting:

Botnet Statistics [2016-10-22]

detection period: 2016-10-22 00:00-23:59 UTC
total number of suspected botnet IPs: 306
number of botnet IPs notified to network operators: 291
number of spam blocked: 2431
recipient count of spam blocked: 2841

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1CHINANET-HN141
2CHINANET-ZJ-HZ27
3VNPT-VNNIC-VN11
4FPT-VN7
5CMNET7
6CHINANET-JS7
7CHINANET-ZJ-ZX5
8VIETEL-VNNIC-VN4
9VIETEL-VN4
10STANLEY4

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China222
2Viet Nam28
3United States8
4India6
5Taiwan3
6Brazil3
7Romania2
8Mexico2
9Cambodia2
10Indonesia2

Saturday, October 22, 2016

Suspected Bot List [2016-10-21]

detection period: 2016-10-21 00:00-23:59 UTC
number of suspected bots' IPs listed here: 11

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
KH43.255.114.242Cambodia

List from greylisting:

Botnet Statistics [2016-10-21]

detection period: 2016-10-21 00:00-23:59 UTC
total number of suspected botnet IPs: 617
number of botnet IPs notified to network operators: 606
number of spam blocked: 5886
recipient count of spam blocked: 6014

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1WASU276
2CHINANET-HN113
3UNICOM-ZJ45
4WASU-BB29
5CHINANET-ZJ-HZ20
6CHINANET-JS12
7CMNET9
8CHINANET-ZJ7
9Chinafic5
10VNPT-VNNIC-VN4

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China546
2Viet Nam9
3United States8
4Pakistan4
5India4
6South Korea3
7Japan3
8Hong Kong3
9United Kingdom3
10Spain3

Friday, October 21, 2016

Suspected Bot List [2016-10-20]

detection period: 2016-10-20 00:00-23:59 UTC
number of suspected bots' IPs listed here: 9

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
KH43.255.114.242Cambodia

List from greylisting:

Botnet Statistics [2016-10-20]

detection period: 2016-10-20 00:00-23:59 UTC
total number of suspected botnet IPs: 969
number of botnet IPs notified to network operators: 960
number of spam blocked: 4817
recipient count of spam blocked: 4983

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1WASU538
2CHINANET-HN132
3UNICOM-ZJ91
4UNICOM-JS38
5WASU-BB32
6CHINANET-JS27
7CMNET8
8VNPT-VNNIC-VN5
9Chinafic5
10CHINANET-SH4

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China907
2United States9
3Viet Nam8
4Kazakhstan5
5India4
6Ukraine3
7Russian Federation3
8Brazil3
9Turkey2
10Turkmenistan2

Thursday, October 20, 2016

Suspected Bot List [2016-10-19]

detection period: 2016-10-19 00:00-23:59 UTC
number of suspected bots' IPs listed here: 22

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
AE83.110.16.235Arab Emirates
BO186.27.126.130Bolivia
CO190.60.234.186Colombia
DZ193.194.69.36Algeria
ID202.61.126.62Indonesia
IN125.16.240.197India
IN203.192.212.52India
KH43.255.114.242Cambodia
KZ213.157.57.102Kazakhstan
PK202.125.129.131Pakistan
SG112.140.186.170Singapore
TW118.232.150.18Taiwan
TW118.233.116.192Taiwan
TW123.195.189.36Taiwan
ZA196.46.23.122South Africa

List from greylisting:

Botnet Statistics [2016-10-19]

detection period: 2016-10-19 00:00-23:59 UTC
total number of suspected botnet IPs: 1240
number of botnet IPs notified to network operators: 1219
number of spam blocked: 9973
recipient count of spam blocked: 130518

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1WASU438
2HINET-NET117
3CHINANET-HN112
4UNICOM-ZJ67
5CHINANET-JS36
6UNICOM-JS34
7CHINANET-GD34
8UNICOM-GX27
9WASU-BB21
10CMNET11

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China918
2Taiwan144
3Russian Federation19
4Brazil18
5United States16
6India14
7Turkey10
8South Korea8
9Germany7
10Colombia6

Wednesday, October 19, 2016

Suspected Bot List [2016-10-18]

detection period: 2016-10-18 00:00-23:59 UTC
number of suspected bots' IPs listed here: 27

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
AE83.110.16.235Arab Emirates
BO186.27.126.130Bolivia
CO190.60.234.186Colombia
DZ193.194.69.36Algeria
ID202.61.126.62Indonesia
IN125.16.240.197India
IN203.192.212.52India
IN223.196.86.215India
IN223.196.86.227India
KH43.255.114.242Cambodia
KZ213.157.57.102Kazakhstan
PK202.125.129.131Pakistan
SG112.140.186.170Singapore
TW118.233.116.192Taiwan
ZA196.46.23.122South Africa

List from greylisting:

Botnet Statistics [2016-10-18]

detection period: 2016-10-18 00:00-23:59 UTC
total number of suspected botnet IPs: 1261
number of botnet IPs notified to network operators: 1234
number of spam blocked: 14360
recipient count of spam blocked: 223047

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1WASU529
2CHINANET-HN116
3HINET-NET80
4UNICOM-ZJ61
5UNICOM-JS40
6WASU-BB34
7CHINANET-GD34
8CHINANET-JS20
9UNICOM-GX13
10CMNET12

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China958
2Taiwan93
3India22
4United States16
5Brazil16
6Russian Federation14
7Turkey13
8Viet Nam11
9Kazakhstan10
10Ukraine6

Tuesday, October 18, 2016

Suspected Bot List [2016-10-17]

detection period: 2016-10-17 00:00-23:59 UTC
number of suspected bots' IPs listed here: 25

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
AE83.110.16.235Arab Emirates
AR190.18.194.149Argentina
BO186.27.126.130Bolivia
CO190.60.234.186Colombia
IN125.16.240.197India
IN223.196.86.215India
KH43.255.114.242Cambodia
PK202.125.129.131Pakistan
TW118.233.116.192Taiwan

List from greylisting:

Botnet Statistics [2016-10-17]

detection period: 2016-10-17 00:00-23:59 UTC
total number of suspected botnet IPs: 1131
number of botnet IPs notified to network operators: 1106
number of spam blocked: 3116
recipient count of spam blocked: 35073

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1WASU548
2UNICOM-ZJ81
3CHINANET-HN63
4CHINANET-JS53
5UNICOM-JS46
6WASU-BB30
7HINET-NET24
8CHINANET-GD23
9MSFT15
10CMNET9

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China942
2Taiwan30
3United States27
4India18
5Russian Federation15
6Viet Nam11
7Brazil10
8Pakistan6
9South Korea6
10Turkey5

Monday, October 17, 2016

Suspected Bots' IP List for September 2016

To encourage cyber security information sharing (as some form of open data) while still giving victims enough time to clean up their computers, the IP list of suspected infected computers will be released here (as shown below). You are free to use them to create more effective defenses, discover latest trends in cyber attacks, etc.

Suspected Bots IP [2016-09-01]
Suspected Bots IP [2016-09-02]
Suspected Bots IP [2016-09-03]
Suspected Bots IP [2016-09-04]
Suspected Bots IP [2016-09-05]
Suspected Bots IP [2016-09-06]
Suspected Bots IP [2016-09-07]
Suspected Bots IP [2016-09-08]
Suspected Bots IP [2016-09-09]
Suspected Bots IP [2016-09-10]
Suspected Bots IP [2016-09-11]
Suspected Bots IP [2016-09-12]
Suspected Bots IP [2016-09-13]
Suspected Bots IP [2016-09-14]
Suspected Bots IP [2016-09-15]
Suspected Bots IP [2016-09-16]
Suspected Bots IP [2016-09-17]
Suspected Bots IP [2016-09-18]
Suspected Bots IP [2016-09-19]
Suspected Bots IP [2016-09-20]
Suspected Bots IP [2016-09-21]
Suspected Bots IP [2016-09-22]
Suspected Bots IP [2016-09-23]
Suspected Bots IP [2016-09-24]
Suspected Bots IP [2016-09-25]
Suspected Bots IP [2016-09-26]
Suspected Bots IP [2016-09-27]
Suspected Bots IP [2016-09-28]
Suspected Bots IP [2016-09-29]
Suspected Bots IP [2016-09-30]

Suspected Bot List [2016-10-16]

detection period: 2016-10-16 00:00-23:59 UTC
number of suspected bots' IPs listed here: 16

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
KH43.255.114.242Cambodia

List from greylisting:

Botnet Statistics [2016-10-16]

detection period: 2016-10-16 00:00-23:59 UTC
total number of suspected botnet IPs: 783
number of botnet IPs notified to network operators: 767
number of spam blocked: 2771
recipient count of spam blocked: 3341

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1WASU353
2CHINANET-HN128
3UNICOM-ZJ96
4WASU-BB36
5CHINANET-JS17
6UNICOM-JS13
7VNPT-VNNIC-VN10
8Chinafic5
9SONET-NET4
10HINET-NET4

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China674
2Viet Nam22
3India10
4Ukraine8
5Taiwan8
6Brazil8
7United States6
8Russian Federation6
9Romania4
10Kazakhstan4

Sunday, October 16, 2016

Suspected Bot List [2016-10-15]

detection period: 2016-10-15 00:00-23:59 UTC
number of suspected bots' IPs listed here: 13

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
KH43.255.114.242Cambodia

List from greylisting:

Botnet Statistics [2016-10-15]

detection period: 2016-10-15 00:00-23:59 UTC
total number of suspected botnet IPs: 344
number of botnet IPs notified to network operators: 331
number of spam blocked: 3094
recipient count of spam blocked: 3671

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1CHINANET-HN140
2WASU32
3UNICOM-ZJ25
4WASU-BB13
5CMNET13
6CHINANET-JS9
7VNPT-VNNIC-VN5
8CHINANET-GD5
9UNICOM-TJ3
10BSNLNET3

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China267
2India12
3Viet Nam10
4United States8
5Russian Federation7
6Brazil6
7Kazakhstan4
8South Korea3
9Ukraine2
10Taiwan2

Saturday, October 15, 2016

Suspected Bot List [2016-10-14]

detection period: 2016-10-14 00:00-23:59 UTC
number of suspected bots' IPs listed here: 11

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
KH43.255.114.242Cambodia

List from greylisting:

Botnet Statistics [2016-10-14]

detection period: 2016-10-14 00:00-23:59 UTC
total number of suspected botnet IPs: 491
number of botnet IPs notified to network operators: 480
number of spam blocked: 5510
recipient count of spam blocked: 6042

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1CHINANET-HN154
2WASU103
3UNICOM-ZJ44
4CHINANET-JS31
5UNICOM-JS20
6CMNET16
7WASU-BB12
8UNICOM-TJ5
9VNPT-VNNIC-VN4
10CHINANET-GD4

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China411
2India15
3United States14
4Viet Nam8
5Russian Federation6
6Hong Kong5
7Germany3
8Ukraine2
9South Korea2
10Uzbekistan1

Friday, October 14, 2016

Suspected Bot List [2016-10-13]

detection period: 2016-10-13 00:00-23:59 UTC
number of suspected bots' IPs listed here: 11

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
KH43.255.114.242Cambodia

List from greylisting:

Botnet Statistics [2016-10-13]

detection period: 2016-10-13 00:00-23:59 UTC
total number of suspected botnet IPs: 930
number of botnet IPs notified to network operators: 919
number of spam blocked: 3010
recipient count of spam blocked: 3584

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1WASU430
2CHINANET-HN189
3UNICOM-ZJ87
4CHINANET-JS40
5WASU-BB30
6UNICOM-JS30
7CMNET15
8VNPT-VNNIC-VN13
9ETC-VNNIC-VN6
10FPT-VN5

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China845
2Viet Nam28
3Taiwan5
4United States4
5Russian Federation4
6Kazakhstan4
7Brazil4
8India3
9Spain3
10Ukraine2

Thursday, October 13, 2016

Suspected Bot List [2016-10-12]

detection period: 2016-10-12 00:00-23:59 UTC
number of suspected bots' IPs listed here: 8

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:

Botnet Statistics [2016-10-12]

detection period: 2016-10-12 00:00-23:59 UTC
total number of suspected botnet IPs: 759
number of botnet IPs notified to network operators: 751
number of spam blocked: 2863
recipient count of spam blocked: 3293

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1WASU261
2CHINANET-HN177
3UNICOM-ZJ69
4CHINANET-JS47
5UNICOM-JS46
6WASU-BB23
7CMNET17
8CHINANET-GD7
9HICHINA4
10KZ-KAZAKTELECOM-200809233

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China675
2Russian Federation11
3India10
4United States9
5Viet Nam6
6Kazakhstan5
7Iran4
8Mexico3
9Pakistan2
10Peru2

Wednesday, October 12, 2016

Suspected Bot List [2016-10-11]

detection period: 2016-10-11 00:00-23:59 UTC
number of suspected bots' IPs listed here: 4

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:

Botnet Statistics [2016-10-11]

detection period: 2016-10-11 00:00-23:59 UTC
total number of suspected botnet IPs: 776
number of botnet IPs notified to network operators: 772
number of spam blocked: 2251
recipient count of spam blocked: 2715

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1WASU400
2CHINANET-HN138
3UNICOM-ZJ66
4CHINANET-JS33
5WASU-BB23
6UNICOM-JS23
7CMNET15
8Chinafic5
9CHINANET-SH5
10VNPT-VNNIC-VN4

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China735
2Viet Nam7
3India5
4United States4
5Russian Federation4
6Ukraine2
7Nigeria2
8Kazakhstan2
9Spain2
10Germany2

Tuesday, October 11, 2016

Suspected Bot List [2016-10-10]

detection period: 2016-10-10 00:00-23:59 UTC
number of suspected bots' IPs listed here: 11

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
PL185.125.4.152Poland

List from greylisting:

Botnet Statistics [2016-10-10]

detection period: 2016-10-10 00:00-23:59 UTC
total number of suspected botnet IPs: 1121
number of botnet IPs notified to network operators: 1110
number of spam blocked: 4073
recipient count of spam blocked: 5015

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1WASU661
2CHINANET-HN105
3UNICOM-ZJ89
4CHINANET-JS60
5UNICOM-JS46
6WASU-BB29
7CHINANET-AH27
8CMNET19
9VNPT-VNNIC-VN7
10Chinafic5

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China1065
2Viet Nam10
3Russian Federation6
4India6
5United States5
6Kazakhstan3
7Taiwan2
8Pakistan2
9Netherlands2
10Iran2

Monday, October 10, 2016

Suspected Bot List [2016-10-09]

detection period: 2016-10-09 00:00-23:59 UTC
number of suspected bots' IPs listed here: 4

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
KH43.255.114.242Cambodia

List from greylisting:

Botnet Statistics [2016-10-09]

detection period: 2016-10-09 00:00-23:59 UTC
total number of suspected botnet IPs: 1010
number of botnet IPs notified to network operators: 1006
number of spam blocked: 1834
recipient count of spam blocked: 2263

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1WASU598
2CHINANET-HN109
3UNICOM-ZJ85
4WASU-BB40
5CHINANET-JS32
6UNICOM-JS29
7CMNET14
8CHINANET-AH6
9Chinafic5
10VNPT-VNNIC-VN4

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China951
2United States7
3Viet Nam6
4Taiwan6
5India6
6Russian Federation5
7Hong Kong4
8Iran3
9Thailand2
10Netherlands2

Sunday, October 9, 2016

Suspected Bot List [2016-10-08]

detection period: 2016-10-08 00:00-23:59 UTC
number of suspected bots' IPs listed here: 4

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
KH43.255.114.242Cambodia

List from greylisting:

Botnet Statistics [2016-10-08]

detection period: 2016-10-08 00:00-23:59 UTC
total number of suspected botnet IPs: 1111
number of botnet IPs notified to network operators: 1107
number of spam blocked: 3634
recipient count of spam blocked: 30543

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1WASU626
2CHINANET-HN166
3UNICOM-ZJ99
4WASU-BB38
5HINET-NET33
6CHINANET-JS13
7CHINANET-AH12
8CMNET9
9UNICOM-NM8
10CHINANET-HB7

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China1032
2Taiwan34
3United States7
4Hong Kong3
5Viet Nam2
6Romania2
7Pakistan2
8Peru2
9Netherlands2
10Republic Of Moldova2

Saturday, October 8, 2016

Suspected Bot List [2016-10-07]

detection period: 2016-10-07 00:00-23:59 UTC
number of suspected bots' IPs listed here: 3

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
KH43.255.114.242Cambodia
PL185.125.4.152Poland

List from greylisting:

Botnet Statistics [2016-10-07]

detection period: 2016-10-07 00:00-23:59 UTC
total number of suspected botnet IPs: 1135
number of botnet IPs notified to network operators: 1132
number of spam blocked: 30267
recipient count of spam blocked: 715593

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET536
2WASU343
3CHINANET-HN108
4UNICOM-ZJ32
5WASU-BB27
6CHINANET-JS13
7CMNET11
8CHINANET-AH8
9Chinafic5
10CHINANET-HB5

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China581
2Taiwan537
3United States5
4Hong Kong2
5Turkey1
6Slovakia1
7Russian Federation1
8Poland1
9Cambodia1
10Japan1

Friday, October 7, 2016

Suspected Bot List [2016-10-06]

detection period: 2016-10-06 00:00-23:59 UTC
number of suspected bots' IPs listed here: 2

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
KH43.255.114.242Cambodia
PL185.125.4.152Poland

List from greylisting:

Botnet Statistics [2016-10-06]

detection period: 2016-10-06 00:00-23:59 UTC
total number of suspected botnet IPs: 991
number of botnet IPs notified to network operators: 989
number of spam blocked: 46244
recipient count of spam blocked: 1307374

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET898
2CHINANET-AH18
3CHINANET-HB15
4CHINANET-HA12
5UNICOM-NM11
6CHINANET-JS11
7CHINANET-ZJ-NB9
8CHINANET-ZJ7
9RKXT4
10XINWEITELECOM-KH1

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1Taiwan898
2China89
3United States1
4Poland1
5Cambodia1
6Canada1

Thursday, October 6, 2016

Suspected Bot List [2016-10-05]

detection period: 2016-10-05 00:00-23:59 UTC
number of suspected bots' IPs listed here: 2

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
KH43.255.114.242Cambodia
PL185.125.4.152Poland

List from greylisting:

Botnet Statistics [2016-10-05]

detection period: 2016-10-05 00:00-23:59 UTC
total number of suspected botnet IPs: 893
number of botnet IPs notified to network operators: 891
number of spam blocked: 40639
recipient count of spam blocked: 1190535

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET824
2CHINANET-JS12
3CHINANET-HB12
4CHINANET-AH11
5UNICOM-NM10
6CHINANET-ZJ6
7CHINANET-ZJ-NB5
8MAINT-CHINANET-HA4
9CHINANET-HA4
10CHINANET-HN2

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1Taiwan824
2China66
3Poland1
4Cambodia1
5Canada1

Wednesday, October 5, 2016

Suspected Bot List [2016-10-04]

detection period: 2016-10-04 00:00-23:59 UTC
number of suspected bots' IPs listed here: 2

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
KH43.255.114.242Cambodia
PL185.125.4.152Poland

List from greylisting:

Botnet Statistics [2016-10-04]

detection period: 2016-10-04 00:00-23:59 UTC
total number of suspected botnet IPs: 925
number of botnet IPs notified to network operators: 923
number of spam blocked: 47267
recipient count of spam blocked: 1329427

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET909
2CHINANET-JS10
3XINWEITELECOM-KH1
4SI-T-21
5PL-ZFIX-201511051
6CSLOXINFO-AS-AP1
7CMNET1
8ATT1

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1Taiwan909
2China11
3United States1
4Thailand1
5Slovenia1
6Poland1
7Cambodia1

Tuesday, October 4, 2016

Suspected Bot List [2016-10-03]

detection period: 2016-10-03 00:00-23:59 UTC
number of suspected bots' IPs listed here: 2

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
KH43.255.114.242Cambodia
PL185.125.4.152Poland

List from greylisting:

Botnet Statistics [2016-10-03]

detection period: 2016-10-03 00:00-23:59 UTC
total number of suspected botnet IPs: 914
number of botnet IPs notified to network operators: 912
number of spam blocked: 37362
recipient count of spam blocked: 1072005

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET901
2CHINANET-JS9
3XINWEITELECOM-KH1
4SI-T-21
5PL-ZFIX-201511051
6CHINANET-ZJ-JH1

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1Taiwan901
2China10
3Slovenia1
4Poland1
5Cambodia1

Monday, October 3, 2016

Suspected Bot List [2016-10-02]

detection period: 2016-10-02 00:00-23:59 UTC
number of suspected bots' IPs listed here: 1

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
KH43.255.114.242Cambodia

List from greylisting:

Botnet Statistics [2016-10-02]

detection period: 2016-10-02 00:00-23:59 UTC
total number of suspected botnet IPs: 935
number of botnet IPs notified to network operators: 934
number of spam blocked: 37694
recipient count of spam blocked: 1115109

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET925
2CHINANET-JS9
3XINWEITELECOM-KH1

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1Taiwan925
2China9
3Cambodia1

Sunday, October 2, 2016

Suspected Bot List [2016-10-01]

detection period: 2016-10-01 00:00-23:59 UTC
number of suspected bots' IPs listed here: 0

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:

Botnet Statistics [2016-10-01]

detection period: 2016-10-01 00:00-23:59 UTC
total number of suspected botnet IPs: 974
number of botnet IPs notified to network operators: 974
number of spam blocked: 40106
recipient count of spam blocked: 1192304

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET959
2CHINANET-JS9
3CHINANET-SD5
4XINWEITELECOM-KH1

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1Taiwan959
2China14
3Cambodia1

Saturday, October 1, 2016

Botnet Statistics for September 2016

detection period: 2016-09-01 00:00 - 2016-09-30 23:59 UTC
total number of suspected botnet IPs: 24729
number of blocked spams: 568419
recipient count of blocked spams: 12868411

The top 25 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1Taiwan9260
2China3681
3Viet Nam2323
4India1971
5Mexico1058
6Brazil611
7Peru593
8Iran436
9Colombia436
10Turkey332
11Thailand208
12Argentina201
13Indonesia200
14Venezuela186
15Pakistan175
16Saudi Arabia171
17Arab Emirates146
18Tunisia129
19Bolivia128
20Philippines117
21Macedonia116
22Italy107
23Serbia79
24South Africa73
25Spain73

The top 17 countries (as defined by the 2-character country code), ordered by number of blocked spams are:

RankCountry# of blocked spams
1Taiwan423203
2Poland82741
3China44535
4United States8010
5Italy4174
6Philippines3356
7United Kingdom1130
8Thailand705
9Argentina260
10Turkey230
11Canada48
12Ukraine16
13Romania5
14Arab Emirates3
15Mexico1
16Lithuania1
17Croatia1

The top 17 countries (as defined by the 2-character country code), ordered by recipient count of blocked spams are:

Suspected Bot List [2016-09-30]

detection period: 2016-09-30 00:00-23:59 UTC
number of suspected bots' IPs listed here: 0

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:

Botnet Statistics [2016-09-30]

detection period: 2016-09-30 00:00-23:59 UTC
total number of suspected botnet IPs: 1079
number of botnet IPs notified to network operators: 1079
number of spam blocked: 42141
recipient count of spam blocked: 1221703

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET1001
2CHINANET-HN65
3CHINANET-JS9
4CHINANET-SD4

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1Taiwan1001
2China78