Custom Search

Friday, March 31, 2017

Botnet Statistics [2017-03-30]

detection period: 2017-03-30 00:00-23:59 UTC
total number of suspected botnet IPs: 260
number of botnet IPs notified to network operators: 223
number of spam blocked: 914
recipient count of spam blocked: 943

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1SINGLEHOP14
2CMNET14
3CHINANET-AH9
4VNPT-VNNIC-VN8
5CHINANET-GD8
6BHARTI-IN6
7UNICOM-BJ5
8Chinafic5
9CHINANET-JS4
10BSNLNET4

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China80
2United States28
3India24
4Viet Nam13
5Russian Federation11
6Mexico11
7Indonesia9
8Turkey6
9Peru6
10Saudi Arabia5

Suspected Bot List [2017-03-30]

detection period: 2017-03-30 00:00-23:59 UTC
number of suspected bots' IPs listed here: 37

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:

Thursday, March 30, 2017

Botnet Statistics [2017-03-29]

detection period: 2017-03-29 00:00-23:59 UTC
total number of suspected botnet IPs: 279
number of botnet IPs notified to network operators: 250
number of spam blocked: 2394
recipient count of spam blocked: 32388

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1CMNET11
2VNPT-VNNIC-VN9
3ALISOFT8
4CHINANET-JS6
5Chinafic5
6CHINANET-JX5
7CHINANET-GZ5
8CHINANET-AH5
9VIETEL-VNNIC-VN4
10UNICOM-SH4

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China109
2Viet Nam15
3United States14
4Russian Federation14
5Mexico9
6Argentina8
7India7
8Indonesia7
9Brazil6
10Ukraine5

Suspected Bot List [2017-03-29]

detection period: 2017-03-29 00:00-23:59 UTC
number of suspected bots' IPs listed here: 29

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
AR200.125.123.132Argentina

List from greylisting:

Wednesday, March 29, 2017

Botnet Statistics [2017-03-28]

detection period: 2017-03-28 00:00-23:59 UTC
total number of suspected botnet IPs: 246
number of botnet IPs notified to network operators: 234
number of spam blocked: 2339
recipient count of spam blocked: 39216

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1WASU-BB18
2UNICOM-ZJ16
3CMNET13
4CHINANET-GD9
5UNICOM-GD6
6CHINANET-JS6
7ALISOFT6
8UNICOM-SD5
9UNICOM-BJ5
10Chinafic5

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China147
2Russian Federation16
3United States12
4India7
5Viet Nam6
6South Korea5
7Taiwan4
8Japan4
9Pakistan3
10Mexico3

Suspected Bot List [2017-03-28]

detection period: 2017-03-28 00:00-23:59 UTC
number of suspected bots' IPs listed here: 12

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
TW123.194.225.45Taiwan

List from greylisting:

Tuesday, March 28, 2017

Botnet Statistics [2017-03-27]

detection period: 2017-03-27 00:00-23:59 UTC
total number of suspected botnet IPs: 323
number of botnet IPs notified to network operators: 316
number of spam blocked: 1597
recipient count of spam blocked: 19780

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1UNICOM-ZJ59
2WASU-BB40
3CMNET13
4CHINANET-JS12
5CHINANET-GD10
6CHINANET-AH8
7ALISOFT6
8WASU5
9UNICOM-BJ5
10Chinafic5

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China223
2Russian Federation15
3United States14
4South Korea8
5India8
6Ukraine5
7Mexico4
8Taiwan3
9Netherlands2
10Kazakhstan2

Suspected Bot List [2017-03-27]

detection period: 2017-03-27 00:00-23:59 UTC
number of suspected bots' IPs listed here: 7

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:

Monday, March 27, 2017

Suspected Bot List [2017-03-26]

detection period: 2017-03-26 00:00-23:59 UTC
number of suspected bots' IPs listed here: 11

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
UY167.57.56.100Uruguay

List from greylisting:

Botnet Statistics [2017-03-26]

detection period: 2017-03-26 00:00-23:59 UTC
total number of suspected botnet IPs: 285
number of botnet IPs notified to network operators: 274
number of spam blocked: 1532
recipient count of spam blocked: 23294

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1UNICOM-ZJ50
2WASU-BB38
3CMNET9
4ALISOFT8
5CHINANET-JS6
6CHINANET-AH6
7Chinafic5
8CHINANET-HN5
9CHINANET-HB5
10CHINANET-GD5

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China187
2Russian Federation17
3United States12
4Viet Nam9
5Brazil6
6India5
7South Korea4
8Thailand3
9Mexico3
10Ukraine2

Sunday, March 26, 2017

Botnet Statistics [2017-03-25]

detection period: 2017-03-25 00:00-23:59 UTC
total number of suspected botnet IPs: 255
number of botnet IPs notified to network operators: 223
number of spam blocked: 684
recipient count of spam blocked: 684

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1UNICOM-ZJ48
2WASU-BB26
3VNPT-VNNIC-VN10
4CHINANET-GD7
5Chinafic5
6CMNET5
7WASU4
8PE-TPSA-LACNIC4
9FPT-VN4
10PTCLBB-PK3

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China120
2Viet Nam19
3India17
4United States8
5Brazil8
6Mexico7
7Turkey6
8Saudi Arabia6
9Argentina6
10Peru5

Suspected Bot List [2017-03-25]

detection period: 2017-03-25 00:00-23:59 UTC
number of suspected bots' IPs listed here: 32

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:

Saturday, March 25, 2017

Botnet Statistics [2017-03-24]

detection period: 2017-03-24 00:00-23:59 UTC
total number of suspected botnet IPs: 680
number of botnet IPs notified to network operators: 623
number of spam blocked: 2222
recipient count of spam blocked: 32469

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1UNICOM-ZJ129
2WASU62
3WASU-BB59
4CMNET16
5CHINANET-GD15
6UNICOM-GX14
7VNPT-VNNIC-VN13
8CHINANET-JS10
9CHINANET-CQ10
10UNICOM-SD8

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China429
2Viet Nam30
3India23
4Russian Federation18
5Mexico17
6United States16
7Taiwan15
8Brazil11
9Peru8
10South Korea8

Suspected Bot List [2017-03-24]

detection period: 2017-03-24 00:00-23:59 UTC
number of suspected bots' IPs listed here: 57

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
AR181.231.28.20Argentina
BJ164.160.143.5Benin
BO186.27.126.130Bolivia
CO190.60.234.186Colombia
IN125.16.240.197India
IN203.192.212.52India
MV202.1.197.227Republic of Maldives
RU91.197.234.102Russian Federation
TW118.233.120.41Taiwan
TW118.233.127.25Taiwan
TW123.194.125.182Taiwan
ZA196.46.23.122South Africa

List from greylisting:

Friday, March 24, 2017

Suspected Bot List [2017-03-23]

detection period: 2017-03-23 00:00-23:59 UTC
number of suspected bots' IPs listed here: 72

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
AR181.231.28.20Argentina
BJ197.234.219.53Benin
BO186.27.126.130Bolivia
CL186.79.165.175Chile
CL200.50.61.39Chile
CN58.211.143.130China
CN59.76.48.238China
CN59.110.70.226China
CN60.205.157.58China
CN120.25.166.199China
CN120.26.98.146China
CN120.55.64.90China
CN120.77.17.171China
CN121.31.64.106China
CN123.56.77.15China
CN123.56.191.65China
CN182.92.223.227China
CN221.231.97.123China
CO186.154.234.164Colombia
CO190.60.234.186Colombia
EC186.69.32.14Ecuador
FR178.32.6.67France
IN125.16.240.197India
IN203.192.212.52India
IN223.196.86.227India
IN223.196.86.228India
KR61.14.208.52South Korea
MX200.39.24.109Mexico
MX201.144.15.227Mexico
PE190.117.120.241Peru
RU91.197.234.102Russian Federation
RU95.37.217.132Russian Federation
TH203.154.115.180Thailand
TW114.41.242.186Taiwan
TW123.194.125.182Taiwan
UY167.57.10.212Uruguay
ZA196.46.23.122South Africa

List from greylisting:

Botnet Statistics [2017-03-23]

detection period: 2017-03-23 00:00-23:59 UTC
total number of suspected botnet IPs: 747
number of botnet IPs notified to network operators: 675
number of spam blocked: 3151
recipient count of spam blocked: 52364

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1UNICOM-ZJ124
2WASU-BB63
3WASU63
4CHINANET-JS21
5UNICOM-GX19
6CMNET18
7VNPT-VNNIC-VN12
8CHINANET-GD11
9CHINANET-ZJ8
10ALISOFT8

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China471
2India28
3Viet Nam24
4Russian Federation23
5United States19
6Brazil16
7Taiwan15
8South Korea8
9Peru7
10Mexico7

Thursday, March 23, 2017

Suspected Bot List [2017-03-22]

detection period: 2017-03-22 00:00-23:59 UTC
number of suspected bots' IPs listed here: 18

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
UY167.57.10.212Uruguay

List from greylisting:

Botnet Statistics [2017-03-22]

detection period: 2017-03-22 00:00-23:59 UTC
total number of suspected botnet IPs: 426
number of botnet IPs notified to network operators: 409
number of spam blocked: 1602
recipient count of spam blocked: 14257

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1UNICOM-ZJ107
2WASU77
3WASU-BB50
4CHINANET-JS9
5CHINANET-GD9
6VNPT-VNNIC-VN8
7CMNET7
8BSNLNET6
9MAIL-ESSENTIALS-FRANCE5
10Chinafic5

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China305
2India15
3Viet Nam13
4United States12
5France12
6Mexico7
7Russian Federation5
8Pakistan4
9Brazil4
10Peru3

Wednesday, March 22, 2017

Suspected Bot List [2017-03-21]

detection period: 2017-03-21 00:00-23:59 UTC
number of suspected bots' IPs listed here: 26

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:

Botnet Statistics [2017-03-21]

detection period: 2017-03-21 00:00-23:59 UTC
total number of suspected botnet IPs: 473
number of botnet IPs notified to network operators: 447
number of spam blocked: 2442
recipient count of spam blocked: 34729

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1UNICOM-ZJ86
2WASU63
3WASU-BB53
4CMNET17
5CHINANET-GD13
6VNPT-VNNIC-VN9
7BSNLNET6
8Chinafic5
9CHINANET-JS5
10MX-USCV4-LACNIC4

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China295
2India21
3Viet Nam20
4Mexico16
5United States15
6Russian Federation12
7Peru6
8Indonesia5
9Pakistan4
10Brazil4

Tuesday, March 21, 2017

Suspected Bot List [2017-03-20]

detection period: 2017-03-20 00:00-23:59 UTC
number of suspected bots' IPs listed here: 38

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
BJ197.234.219.17Benin
BJ197.234.219.56Benin
US206.125.41.139United States
US206.125.47.5United States
ZA196.46.23.122South Africa

List from greylisting:

Botnet Statistics [2017-03-20]

detection period: 2017-03-20 00:00-23:59 UTC
total number of suspected botnet IPs: 554
number of botnet IPs notified to network operators: 516
number of spam blocked: 1820
recipient count of spam blocked: 3157

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1UNICOM-ZJ111
2WASU70
3WASU-BB55
4CMNET18
5CHINANET-GD17
6VNPT-VNNIC-VN11
7MSFT6
8BSNLNET6
9Chinafic5
10UNICOM-BJ4

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China336
2Viet Nam23
3United States21
4India21
5Russian Federation15
6Brazil12
7Peru9
8Mexico9
9Saudi Arabia6
10South Korea6

Monday, March 20, 2017

Suspected Bot List [2017-03-19]

detection period: 2017-03-19 00:00-23:59 UTC
number of suspected bots' IPs listed here: 12

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
UY167.57.159.41Uruguay

List from greylisting:

Botnet Statistics [2017-03-19]

detection period: 2017-03-19 00:00-23:59 UTC
total number of suspected botnet IPs: 256
number of botnet IPs notified to network operators: 244
number of spam blocked: 1213
recipient count of spam blocked: 15253

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1UNICOM-ZJ94
2WASU24
3WASU-BB19
4CMNET8
5CHINANET-GD8
6ALISOFT8
7Chinafic5
8TencentCloud3
9PTCLBB-PK3
10ZTWL2

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China190
2United States10
3Viet Nam6
4Russian Federation5
5Brazil5
6Mexico4
7India4
8Taiwan3
9Thailand3
10Pakistan3

Sunday, March 19, 2017

Suspected Bots' IP List for February 2017

To encourage cyber security information sharing (as some form of open data) while still giving victims enough time to clean up their computers, the IP list of suspected infected computers will be released here (as shown below). You are free to use them to create more effective defenses, discover latest trends in cyber attacks, etc.

Suspected Bots IP [2017-02-01]
Suspected Bots IP [2017-02-02]
Suspected Bots IP [2017-02-03]
Suspected Bots IP [2017-02-04]
Suspected Bots IP [2017-02-05]
Suspected Bots IP [2017-02-06]
Suspected Bots IP [2017-02-07]
Suspected Bots IP [2017-02-08]
Suspected Bots IP [2017-02-09]
Suspected Bots IP [2017-02-10]
Suspected Bots IP [2017-02-11]
Suspected Bots IP [2017-02-12]
Suspected Bots IP [2017-02-13]
Suspected Bots IP [2017-02-14]
Suspected Bots IP [2017-02-15]
Suspected Bots IP [2017-02-16]
Suspected Bots IP [2017-02-17]
Suspected Bots IP [2017-02-18]
Suspected Bots IP [2017-02-19]
Suspected Bots IP [2017-02-20]
Suspected Bots IP [2017-02-21]
Suspected Bots IP [2017-02-22]
Suspected Bots IP [2017-02-23]
Suspected Bots IP [2017-02-24]
Suspected Bots IP [2017-02-25]
Suspected Bots IP [2017-02-26]
Suspected Bots IP [2017-02-27]
Suspected Bots IP [2017-02-28]

Suspected Bot List [2017-03-18]

detection period: 2017-03-18 00:00-23:59 UTC
number of suspected bots' IPs listed here: 5

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
BJ197.234.219.75Benin

List from greylisting:

Botnet Statistics [2017-03-18]

detection period: 2017-03-18 00:00-23:59 UTC
total number of suspected botnet IPs: 163
number of botnet IPs notified to network operators: 158
number of spam blocked: 736
recipient count of spam blocked: 736

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1UNICOM-ZJ96
2CHINANET-GD9
3CMNET3
4CHINANET-SH3
5ZTWL2
6XLNET-ID2
7VNPT-VNNIC-VN2
8SRT2
9VOLGOGRAD-REGION-NET1
10UNICOM-HA1

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China127
2United States8
3Russian Federation6
4Viet Nam3
5Indonesia3
6Egypt2
7South Africa1
8Taiwan1
9Romania1
10Philippines1

Saturday, March 18, 2017

Suspected Bot List [2017-03-17]

detection period: 2017-03-17 00:00-23:59 UTC
number of suspected bots' IPs listed here: 14

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:

Botnet Statistics [2017-03-17]

detection period: 2017-03-17 00:00-23:59 UTC
total number of suspected botnet IPs: 526
number of botnet IPs notified to network operators: 512
number of spam blocked: 21665
recipient count of spam blocked: 556239

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET254
2UNICOM-ZJ109
3WASU-BB18
4CMNET7
5CHINANET-GD6
6Chinafic5
7CHINANET-JS4
8MSFT3
9KORNET-KR3
10CHINANET-SH3

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1Taiwan254
2China190
3United States16
4Russian Federation15
5India8
6South Korea5
7Poland3
8Ukraine2
9Tanzania2
10Japan2

Friday, March 17, 2017

Suspected Bot List [2017-03-16]

detection period: 2017-03-16 00:00-23:59 UTC
number of suspected bots' IPs listed here: 13

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:

Botnet Statistics [2017-03-16]

detection period: 2017-03-16 00:00-23:59 UTC
total number of suspected botnet IPs: 873
number of botnet IPs notified to network operators: 860
number of spam blocked: 39541
recipient count of spam blocked: 994042

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET473
2UNICOM-ZJ123
3WASU-BB67
4CMNET9
5WASU6
6CHINANET-AH6
7UNICOM-HA5
8Chinafic5
9CHINANET-JS5
10UNICOM-BJ4

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1Taiwan474
2China293
3Russian Federation16
4India13
5United States12
6Viet Nam5
7South Korea5
8Spain4
9Czech Republic4
10Argentina4

Thursday, March 16, 2017

Suspected Bot List [2017-03-15]

detection period: 2017-03-15 00:00-23:59 UTC
number of suspected bots' IPs listed here: 17

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
CO190.60.234.186Colombia
IN125.16.240.197India
IN223.196.86.228India
TW118.232.57.120Taiwan
TW123.193.122.128Taiwan
US206.125.47.5United States
ZA196.46.23.122South Africa

List from greylisting:

Botnet Statistics [2017-03-15]

detection period: 2017-03-15 00:00-23:59 UTC
total number of suspected botnet IPs: 876
number of botnet IPs notified to network operators: 859
number of spam blocked: 40028
recipient count of spam blocked: 1079211

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET516
2UNICOM-ZJ92
3WASU-BB73
4CHINANET-JS10
5WASU8
6UNICOM-GX7
7Chinafic5
8CMNET5
9CHINANET-ZJ5
10CHINANET-GD5

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1Taiwan521
2China278
3India15
4United States9
5Russian Federation7
6Brazil7
7South Korea4
8Italy3
9Colombia3
10Viet Nam2

Wednesday, March 15, 2017

Suspected Bot List [2017-03-14]

detection period: 2017-03-14 00:00-23:59 UTC
number of suspected bots' IPs listed here: 11

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
BJ197.234.219.81Benin
NI190.212.234.165Nicaragua
SA213.230.22.180Saudi Arabia

List from greylisting:

Botnet Statistics [2017-03-14]

detection period: 2017-03-14 00:00-23:59 UTC
total number of suspected botnet IPs: 871
number of botnet IPs notified to network operators: 860
number of spam blocked: 74140
recipient count of spam blocked: 1929089

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET541
2UNICOM-ZJ82
3WASU-BB64
4CMNET16
5ALISOFT12
6WASU8
7CHINANET-JS7
8CHINANET-GD6
9Chinafic5
10CHINANET-SH4

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1Taiwan543
2China262
3Russian Federation10
4United States9
5India8
6Viet Nam6
7South Korea3
8United Kingdom3
9Bangladesh3
10Pakistan2

Tuesday, March 14, 2017

Suspected Bot List [2017-03-13]

detection period: 2017-03-13 00:00-23:59 UTC
number of suspected bots' IPs listed here: 6

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:

Botnet Statistics [2017-03-13]

detection period: 2017-03-13 00:00-23:59 UTC
total number of suspected botnet IPs: 821
number of botnet IPs notified to network operators: 815
number of spam blocked: 98939
recipient count of spam blocked: 2769525

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET560
2WASU-BB71
3UNICOM-ZJ60
4CMNET13
5WASU12
6CHINANET-JS7
7UNICOM-BJ5
8Chinafic5
9CHINANET-AH4
10UNICOM-HA3

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1Taiwan560
2China225
3Russian Federation7
4United States6
5Ukraine3
6United Kingdom3
7Kazakhstan2
8South Korea2
9India2
10Viet Nam1

Monday, March 13, 2017

Suspected Bot List [2017-03-12]

detection period: 2017-03-12 00:00-23:59 UTC
number of suspected bots' IPs listed here: 10

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:

Botnet Statistics [2017-03-12]

detection period: 2017-03-12 00:00-23:59 UTC
total number of suspected botnet IPs: 799
number of botnet IPs notified to network operators: 789
number of spam blocked: 107693
recipient count of spam blocked: 2966384

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET595
2UNICOM-ZJ33
3WASU-BB27
4CMNET11
5MSFT10
6WASU5
7Chinafic5
8UNICOM-BJ4
9CHINANET-JS4
10CHINANET-GD4

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1Taiwan595
2China132
3United States22
4Viet Nam7
5Russian Federation7
6India5
7Italy3
8Indonesia3
9Mexico2
10South Korea2

Sunday, March 12, 2017

Suspected Bot List [2017-03-11]

detection period: 2017-03-11 00:00-23:59 UTC
number of suspected bots' IPs listed here: 6

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:

Botnet Statistics [2017-03-11]

detection period: 2017-03-11 00:00-23:59 UTC
total number of suspected botnet IPs: 682
number of botnet IPs notified to network operators: 676
number of spam blocked: 95332
recipient count of spam blocked: 2614086

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET577
2CMNET11
3VNPT-VNNIC-VN4
4CHINANET-JS3
5MSFT2
6KORNET-KR2
7Chinafic2
8CHINANET-SD2
9CHINANET-GD2
10ZHEJIANG-ZIXUE-COMMITTEE1

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1Taiwan577
2China56
3United States7
4India5
5Viet Nam4
6Russian Federation4
7South Korea3
8United Kingdom3
9France3
10Egypt2

Saturday, March 11, 2017

Suspected Bot List [2017-03-10]

detection period: 2017-03-10 00:00-23:59 UTC
number of suspected bots' IPs listed here: 12

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:

Botnet Statistics [2017-03-10]

detection period: 2017-03-10 00:00-23:59 UTC
total number of suspected botnet IPs: 800
number of botnet IPs notified to network operators: 788
number of spam blocked: 70339
recipient count of spam blocked: 1910213

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET598
2WASU-BB39
3UNICOM-ZJ30
4CMNET14
5WASU7
6Chinafic5
7VNPT-VNNIC-VN3
8UNICOM-SD3
9HICHINA3
10CHINANET-JS3

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1Taiwan598
2China141
3United States6
4United Kingdom6
5Viet Nam4
6Pakistan4
7India4
8Indonesia4
9Ukraine2
10Russian Federation2

Friday, March 10, 2017

Suspected Bot List [2017-03-09]

detection period: 2017-03-09 00:00-23:59 UTC
number of suspected bots' IPs listed here: 8

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:

Botnet Statistics [2017-03-09]

detection period: 2017-03-09 00:00-23:59 UTC
total number of suspected botnet IPs: 786
number of botnet IPs notified to network operators: 778
number of spam blocked: 63680
recipient count of spam blocked: 1877573

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET540
2UNICOM-ZJ84
3WASU-BB54
4WASU13
5CMNET8
6Chinafic5
7CHINANET-GD3
8VNPT-VNNIC-VN2
9UNIFIEDLAYER-NETWORK-112
10CNLINKNET2

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1Taiwan541
2China197
3United States8
4Italy5
5Viet Nam4
6United Kingdom4
7Thailand3
8India3
9Russian Federation2
10Iran2

Thursday, March 9, 2017

Suspected Bot List [2017-03-08]

detection period: 2017-03-08 00:00-23:59 UTC
number of suspected bots' IPs listed here: 48

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
AR181.231.28.20Argentina
BO186.27.126.130Bolivia
CO190.60.234.186Colombia
IN125.16.12.146India
IN125.16.240.197India
IN223.196.86.228India
RO185.100.86.167Romania
RO185.105.5.133Romania
RO185.105.5.134Romania
RO185.105.5.135Romania
RO185.105.5.136Romania
RO185.105.5.137Romania
RO185.105.5.138Romania
RO185.105.5.139Romania
RU91.197.234.102Russian Federation
US206.125.41.139United States
US206.125.47.5United States
US206.125.47.7United States
ZA196.46.23.122South Africa

List from greylisting:

Botnet Statistics [2017-03-08]

detection period: 2017-03-08 00:00-23:59 UTC
total number of suspected botnet IPs: 1120
number of botnet IPs notified to network operators: 1073
number of spam blocked: 65538
recipient count of spam blocked: 1856357

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET524
2UNICOM-ZJ87
3WASU-BB68
4UNICOM-GX31
5UNICOM-SD23
6WASU11
7CMNET10
8UNICOM-SC9
9CHINANET-CQ9
10VNPT-VNNIC-VN8

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1Taiwan535
2China364
3India22
4Brazil21
5Iran17
6Viet Nam16
7United States14
8Romania9
9Peru8
10Mexico8

Wednesday, March 8, 2017

Suspected Bot List [2017-03-07]

detection period: 2017-03-07 00:00-23:59 UTC
number of suspected bots' IPs listed here: 36

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:

Botnet Statistics [2017-03-07]

detection period: 2017-03-07 00:00-23:59 UTC
total number of suspected botnet IPs: 871
number of botnet IPs notified to network operators: 835
number of spam blocked: 70660
recipient count of spam blocked: 1925050

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET532
2UNICOM-ZJ72
3WASU-BB68
4WASU11
5VNPT-VNNIC-VN8
6FPT-VN6
7TN-ATI-201005035
8PTCLBB-PK5
9Chinafic5
10CMNET5

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1Taiwan532
2China189
3Viet Nam20
4Mexico14
5India12
6Iran8
7United States7
8Turkey7
9Pakistan7
10Tunisia6

Tuesday, March 7, 2017

Botnet Statistics for February 2017

detection period: 2017-02-01 00:00 - 2017-02-28 23:59 UTC
total number of suspected botnet IPs: 24056
number of blocked spams: 2806870
recipient count of blocked spams: 77607050

The top 25 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1Taiwan11646
2China9164
3Viet Nam512
4India434
5United States218
6Russian Federation190
7Brazil150
8Mexico121
9Iran108
10Peru86
11Italy74
12Colombia72
13Turkey68
14South Korea60
15Indonesia57
16Argentina55
17Ukraine53
18Thailand53
19Saudi Arabia48
20United Kingdom48
21Pakistan40
22Spain38
23Germany36
24Chile27
25Israel24

The top 25 countries (as defined by the 2-character country code), ordered by number of blocked spams are:

RankCountry# of blocked spams
1Taiwan2472445
2China238477
3United States36642
4Poland15817
5Brazil10004
6Colombia6053
7Italy2838
8India2744
9South Korea2657
10Macau2486
11Chile2380
12Russian Federation2000
13Argentina1508
14Ukraine1359
15Azerbaijan1336
16United Kingdom1113
17Saudi Arabia1057
18South Africa1046
19Bolivia917
20Venezuela627
21Germany623
22Pakistan583
23Czech Republic424
24Kazakhstan377
25Viet Nam260

The top 25 countries (as defined by the 2-character country code), ordered by recipient count of blocked spams are:

Suspected Bot List [2017-03-06]

detection period: 2017-03-06 00:00-23:59 UTC
number of suspected bots' IPs listed here: 55

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
CO190.60.234.186Colombia
IN125.16.12.146India
IN125.16.240.197India
IN203.192.212.52India
IN223.196.86.228India
US206.125.47.5United States
ZA196.46.23.122South Africa

List from greylisting:

Botnet Statistics [2017-03-06]

detection period: 2017-03-06 00:00-23:59 UTC
total number of suspected botnet IPs: 1048
number of botnet IPs notified to network operators: 993
number of spam blocked: 73863
recipient count of spam blocked: 2113112

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET530
2UNICOM-ZJ70
3WASU-BB40
4VNPT-VNNIC-VN15
5WASU14
6UNICOM-GX13
7CMNET9
8CHINANET-GD9
9VIETEL-VN7
10TN-ATI-201005036

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1Taiwan534
2China238
3Viet Nam37
4India25
5Brazil22
6Mexico19
7Indonesia13
8Iran12
9United States10
10Colombia9

Monday, March 6, 2017

Suspected Bot List [2017-03-05]

detection period: 2017-03-05 00:00-23:59 UTC
number of suspected bots' IPs listed here: 40

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:

Botnet Statistics [2017-03-05]

detection period: 2017-03-05 00:00-23:59 UTC
total number of suspected botnet IPs: 860
number of botnet IPs notified to network operators: 820
number of spam blocked: 74196
recipient count of spam blocked: 2119941

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET524
2UNICOM-ZJ63
3WASU-BB35
4VNPT-VNNIC-VN22
5CHINANET-GD11
6WASU9
7CMNET9
8MX-CSCV17-LACNIC5
9Chinafic5
10FPT-VN4

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1Taiwan525
2China151
3Viet Nam34
4India22
5Iran19
6Mexico14
7United States8
8Turkey5
9Tunisia5
10Brazil5

Sunday, March 5, 2017

Suspected Bot List [2017-03-04]

detection period: 2017-03-04 00:00-23:59 UTC
number of suspected bots' IPs listed here: 12

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
BJ197.234.219.24Benin

List from greylisting:

Botnet Statistics [2017-03-04]

detection period: 2017-03-04 00:00-23:59 UTC
total number of suspected botnet IPs: 730
number of botnet IPs notified to network operators: 718
number of spam blocked: 71750
recipient count of spam blocked: 2083633

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET544
2UNICOM-ZJ50
3WASU-BB27
4CHINANET-GD9
5tonghnetwork5
6PTCLBB-PK5
7WASU3
8UNICOM-HA3
9SRT3
10CMNET3

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1Taiwan544
2China129
3United States7
4Viet Nam5
5Pakistan5
6India3
7Uruguay2
8Russian Federation2
9Poland2
10Kazakhstan2

Saturday, March 4, 2017

Suspected Bot List [2017-03-03]

detection period: 2017-03-03 00:00-23:59 UTC
number of suspected bots' IPs listed here: 6

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:

Botnet Statistics [2017-03-03]

detection period: 2017-03-03 00:00-23:59 UTC
total number of suspected botnet IPs: 873
number of botnet IPs notified to network operators: 867
number of spam blocked: 65056
recipient count of spam blocked: 1829049

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET527
2UNICOM-ZJ88
3WASU-BB65
4MSFT46
5WASU13
6CMNET12
7CHINANET-GD11
8broadNnet-KR3
9VNPT-VNNIC-VN3
10UNICOM-HE3

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1Taiwan528
2China240
3United States51
4Viet Nam7
5Russian Federation7
6South Korea6
7India5
8Brazil4
9United Kingdom2
10France2

Friday, March 3, 2017

Suspected Bot List [2017-03-02]

detection period: 2017-03-02 00:00-23:59 UTC
number of suspected bots' IPs listed here: 11

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
BO186.27.126.130Bolivia
IN125.16.12.146India
IN223.196.86.228India
RO185.100.86.167Romania
ZA196.46.23.122South Africa

List from greylisting:

Botnet Statistics [2017-03-02]

detection period: 2017-03-02 00:00-23:59 UTC
total number of suspected botnet IPs: 879
number of botnet IPs notified to network operators: 868
number of spam blocked: 69870
recipient count of spam blocked: 1968452

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET539
2UNICOM-ZJ84
3WASU-BB66
4CMNET19
5WASU8
6CHINANET-GD8
7CHINANET-JS7
8UNICOM-HA6
9Chinafic5
10RingLink4

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1Taiwan539
2China258
3Russian Federation14
4United States10
5India8
6South Korea5
7Brazil5
8Viet Nam4
9Thailand4
10Ukraine2

Thursday, March 2, 2017

Suspected Bot List [2017-03-01]

detection period: 2017-03-01 00:00-23:59 UTC
number of suspected bots' IPs listed here: 44

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:

Botnet Statistics [2017-03-01]

detection period: 2017-03-01 00:00-23:59 UTC
total number of suspected botnet IPs: 1025
number of botnet IPs notified to network operators: 981
number of spam blocked: 77732
recipient count of spam blocked: 2192793

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET568
2UNICOM-ZJ83
3WASU-BB60
4VNPT-VNNIC-VN33
5WASU19
6CMNET9
7VIETEL-VN7
8FPT-VN6
9CHINANET-GD6
10MX-USCV4-LACNIC5

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1Taiwan568
2China208
3Viet Nam57
4India23
5Iran20
6Mexico19
7Turkey13
8Brazil10
9United States7
10Peru6

Wednesday, March 1, 2017

Suspected Bot List [2017-02-28]

detection period: 2017-02-28 00:00-23:59 UTC
number of suspected bots' IPs listed here: 27

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:

Botnet Statistics [2017-02-28]

detection period: 2017-02-28 00:00-23:59 UTC
total number of suspected botnet IPs: 883
number of botnet IPs notified to network operators: 856
number of spam blocked: 77842
recipient count of spam blocked: 2221577

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET556
2UNICOM-ZJ60
3WASU-BB55
4VNPT-VNNIC-VN23
5WASU14
6CMNET11
7BHARTI-IN8
8CHINANET-GD7
9Chinafic5
10FPT-VN4

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1Taiwan556
2China184
3Viet Nam41
4India24
5United States7
6Thailand5
7Iran5
8Indonesia5
9Mexico4
10Turkey3