Custom Search

Saturday, September 30, 2017

Botnet Statistics [2017-09-29]

detection period: 2017-09-29 00:00-23:59 UTC
total number of suspected botnet IPs: 218
number of botnet IPs notified to network operators: 199
number of spam blocked: 36927
recipient count of spam blocked: 616412

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1Baidu52
2ALISOFT10
3CHINANET-JS8
4CHINANET-GD7
5LGTELECOM-KR6
6VNPT-VNNIC-VN5
7LSN-DLLSTX-25
8FPT-VN5
9CMNET5
10UNIFIEDLAYER-NETWORK-134

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China101
2Viet Nam17
3United States13
4India12
5South Korea10
6Russian Federation6
7Turkey4
8Thailand4
9Germany4
10Brazil4

Suspected Bot List [2017-09-29]

detection period: 2017-09-29 00:00-23:59 UTC
number of suspected bots' IPs listed here: 19

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
RU185.127.25.68Russian Federation
TH122.155.197.9Thailand
TH125.26.207.22Thailand
TH183.89.126.186Thailand
UY167.57.172.164Uruguay

List from greylisting:

Friday, September 29, 2017

Botnet Statistics [2017-09-28]

detection period: 2017-09-28 00:00-23:59 UTC
total number of suspected botnet IPs: 223
number of botnet IPs notified to network operators: 201
number of spam blocked: 39060
recipient count of spam blocked: 545748

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1Baidu52
2CHINANET-JS25
3CHINANET-HB12
4CMNET11
5UNIFIEDLAYER-NETWORK-146
6LSN-DLLSTX-16
7CHINANET-ZJ5
8CHINANET-GD5
9VNPT-VNNIC-VN3
10HICHINA3

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China131
2United States16
3India15
4Viet Nam7
5Russian Federation7
6Brazil5
7Turkey3
8Pakistan3
9South Korea3
10Indonesia2

Suspected Bot List [2017-09-28]

detection period: 2017-09-28 00:00-23:59 UTC
number of suspected bots' IPs listed here: 22

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
GB185.190.57.88United Kingdom
RU185.127.25.68Russian Federation
US206.125.41.139United States

List from greylisting:

Thursday, September 28, 2017

Botnet Statistics [2017-09-27]

detection period: 2017-09-27 00:00-23:59 UTC
total number of suspected botnet IPs: 212
number of botnet IPs notified to network operators: 189
number of spam blocked: 54893
recipient count of spam blocked: 1108778

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1Baidu52
2CHINANET-FJ9
3CHINANET-JS8
4CHINANET-GD8
5CMNET7
6VNPT-VNNIC-VN6
7LSN-DLLSTX-15
8RO-SCCH-CENTER-185-123-220-0-234
9HICHINA4
10ETC-VNNIC-VN4

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China107
2India14
3Viet Nam13
4United States8
5Russian Federation7
6Brazil6
7Romania5
8Bulgaria5
9Turkey3
10Macedonia3

Suspected Bot List [2017-09-27]

detection period: 2017-09-27 00:00-23:59 UTC
number of suspected bots' IPs listed here: 23

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
RU185.127.25.68Russian Federation
US206.125.41.139United States

List from greylisting:

Wednesday, September 27, 2017

Botnet Statistics [2017-09-26]

detection period: 2017-09-26 00:00-23:59 UTC
total number of suspected botnet IPs: 243
number of botnet IPs notified to network operators: 215
number of spam blocked: 35308
recipient count of spam blocked: 591945

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1Baidu52
2CHINANET-GD14
3VNPT-VNNIC-VN11
4CHINANET-JS9
5BHARTI-IN8
6Turkbil-internet-hizmetleri6
7RO-SCCH-CENTER-185-123-220-0-236
8LSN-DLLSTX-16
9HINET-NET5
10UNICOM4

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China116
2Viet Nam14
3India14
4United States9
5Taiwan8
6Turkey8
7Romania7
8Mexico7
9Russian Federation6
10South Korea5

Suspected Bot List [2017-09-26]

detection period: 2017-09-26 00:00-23:59 UTC
number of suspected bots' IPs listed here: 28

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
US206.125.41.139United States
UY167.57.172.213Uruguay
ZA196.46.23.122South Africa

List from greylisting:

Tuesday, September 26, 2017

Botnet Statistics [2017-09-25]

detection period: 2017-09-25 00:00-23:59 UTC
total number of suspected botnet IPs: 214
number of botnet IPs notified to network operators: 188
number of spam blocked: 19532
recipient count of spam blocked: 116861

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1Baidu51
2CHINANET-FJ11
3CHINANET-GD10
4VNPT-VNNIC-VN9
5CHINANET-JS8
6BHARTI-IN8
7Turkbil-internet-hizmetleri6
8RO-SCCH-CENTER-185-123-220-0-236
9LSN-DLLSTX-16
10CHINANET-HB5

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China102
2India16
3Viet Nam13
4United States12
5Brazil8
6Turkey7
7Romania7
8Italy6
9Russian Federation4
10South Korea4

Suspected Bot List [2017-09-25]

detection period: 2017-09-25 00:00-23:59 UTC
number of suspected bots' IPs listed here: 26

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
IN223.191.25.64India
RS89.216.28.123Serbia

List from greylisting:

Monday, September 25, 2017

Botnet Statistics [2017-09-24]

detection period: 2017-09-24 00:00-23:59 UTC
total number of suspected botnet IPs: 105
number of botnet IPs notified to network operators: 99
number of spam blocked: 3820
recipient count of spam blocked: 50811

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1Baidu51
2CHINANET-JS9
3CHINANET-FJ9
4CHINANET-GD5
5LSN-DLLSTX-23
6ALISOFT3
7IT-TECHNORAIL-200808142
8CMNET2
9CHINANET-HB2
10origo-com-tr-229491

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China87
2Russian Federation5
3United States4
4Italy3
5Turkey1
6Tunisia1
7Mexico1
8South Korea1
9Iran1
10United Kingdom1

Suspected Bot List [2017-09-24]

detection period: 2017-09-24 00:00-23:59 UTC
number of suspected bots' IPs listed here: 6

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:

Sunday, September 24, 2017

Botnet Statistics [2017-09-23]

detection period: 2017-09-23 00:00-23:59 UTC
total number of suspected botnet IPs: 184
number of botnet IPs notified to network operators: 180
number of spam blocked: 8350
recipient count of spam blocked: 56123

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1Baidu51
2CHINANET-GD48
3CHINANET-JS18
4CHINANET-FJ8
5CHINANET-HB5
6CHINANET-ZJ4
7IT-TECHNORAIL-200808143
8HOSTWINDS-19-13
9CMNET3
10CHINANET-ZJ-NB3

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China157
2United States8
3Italy4
4Russian Federation2
5South Korea2
6Viet Nam1
7Turkey1
8Tunisia1
9Malaysia1
10Mexico1

Suspected Bot List [2017-09-23]

detection period: 2017-09-23 00:00-23:59 UTC
number of suspected bots' IPs listed here: 4

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:

Saturday, September 23, 2017

Botnet Statistics [2017-09-22]

detection period: 2017-09-22 00:00-23:59 UTC
total number of suspected botnet IPs: 216
number of botnet IPs notified to network operators: 207
number of spam blocked: 16773
recipient count of spam blocked: 30344

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1Baidu52
2CHINANET-GD39
3CHINANET-FJ14
4WASU11
5CHINANET-JS7
6RO-SCCH-CENTER-185-123-220-0-236
7HOSTWINDS-19-16
8ALISOFT6
9VNPT-VNNIC-VN5
10CMNET4

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China154
2United States10
3India8
4Viet Nam7
5Romania6
6Russian Federation5
7Italy4
8South Korea3
9Brazil3
10Iran2

Suspected Bot List [2017-09-22]

detection period: 2017-09-22 00:00-23:59 UTC
number of suspected bots' IPs listed here: 9

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:

Friday, September 22, 2017

Botnet Statistics [2017-09-21]

detection period: 2017-09-21 00:00-23:59 UTC
total number of suspected botnet IPs: 319
number of botnet IPs notified to network operators: 297
number of spam blocked: 25448
recipient count of spam blocked: 72756

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1Baidu52
2WASU50
3CMNET49
4CHINANET-GD21
5CHINANET-FJ10
6Turkbil-internet-hizmetleri9
7CHINANET-JS8
8VNPT-VNNIC-VN5
9UNIFIEDLAYER-NETWORK-145
10ALISOFT5

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China224
2United States16
3Turkey11
4Viet Nam9
5Italy6
6Indonesia6
7Taiwan3
8Mexico3
9France3
10Thailand2

Suspected Bot List [2017-09-21]

detection period: 2017-09-21 00:00-23:59 UTC
number of suspected bots' IPs listed here: 22

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
LK122.255.31.42Sri Lanka
RU80.254.115.87Russian Federation
TH61.7.236.60Thailand
TH122.154.239.123Thailand

List from greylisting:

Thursday, September 21, 2017

Botnet Statistics [2017-09-20]

detection period: 2017-09-20 00:00-23:59 UTC
total number of suspected botnet IPs: 355
number of botnet IPs notified to network operators: 322
number of spam blocked: 24285
recipient count of spam blocked: 96271

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1Baidu52
2WASU47
3CMNET41
4CHINANET-JS29
5VNPT-VNNIC-VN13
6CHINANET-FJ7
7BHARTI-IN7
8UNIFIEDLAYER-NETWORK-136
9CHINANET-GD6
10UNIFIEDLAYER-NETWORK-145

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China221
2United States21
3India16
4Viet Nam14
5South Korea9
6Italy6
7Turkey5
8Mexico5
9Indonesia5
10Spain4

Suspected Bot List [2017-09-20]

detection period: 2017-09-20 00:00-23:59 UTC
number of suspected bots' IPs listed here: 33

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
BW168.167.251.213Botswana
TH182.53.243.228Thailand

List from greylisting:

Wednesday, September 20, 2017

Botnet Statistics [2017-09-19]

detection period: 2017-09-19 00:00-23:59 UTC
total number of suspected botnet IPs: 339
number of botnet IPs notified to network operators: 320
number of spam blocked: 17766
recipient count of spam blocked: 96678

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1CMNET74
2Baidu52
3WASU30
4VNPT-VNNIC-VN15
5CHINANET-FJ14
6Turkbil-internet-hizmetleri11
7CHINANET-JS10
8CHINANET-GD10
9UNIFIEDLAYER-NETWORK-147
10LGTELECOM-KR5

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China225
2United States21
3Viet Nam20
4Turkey13
5India9
6South Korea6
7Mexico5
8Brazil5
9Italy3
10Singapore2

Suspected Bot List [2017-09-19]

detection period: 2017-09-19 00:00-23:59 UTC
number of suspected bots' IPs listed here: 19

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:

Tuesday, September 19, 2017

Botnet Statistics [2017-09-18]

detection period: 2017-09-18 00:00-23:59 UTC
total number of suspected botnet IPs: 287
number of botnet IPs notified to network operators: 278
number of spam blocked: 16097
recipient count of spam blocked: 71844

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1Baidu52
2WASU42
3CMNET32
4CHINANET-SD10
5CHINANET-GD9
6HICHINA8
7CHINANET-JS8
8ALISOFT8
9CHINANET-ZJ-NB5
10UNIFIEDLAYER-NETWORK-144

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China213
2United States16
3Mexico5
4Colombia5
5Taiwan4
6Italy4
7Japan3
8Indonesia3
9Chile3
10Bolivia3

Suspected Bot List [2017-09-18]

detection period: 2017-09-18 00:00-23:59 UTC
number of suspected bots' IPs listed here: 9

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
CA167.114.7.103Canada
TH61.7.236.60Thailand
TH125.26.207.22Thailand

List from greylisting:

Monday, September 18, 2017

Botnet Statistics [2017-09-17]

detection period: 2017-09-17 00:00-23:59 UTC
total number of suspected botnet IPs: 151
number of botnet IPs notified to network operators: 147
number of spam blocked: 4124
recipient count of spam blocked: 29408

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1Baidu52
2MSFT14
3CHINANET-FJ11
4CHINANET-GD9
5CHINANET-JS8
6CMNET7
7HICHINA6
8CHINANET-SD6
9ALISOFT5
10CHINANET-AH3

The top 8 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China122
2United States17
3Russian Federation4
4Japan3
5Italy2
6Tunisia1
7Hong Kong1
8France1

Suspected Bot List [2017-09-17]

detection period: 2017-09-17 00:00-23:59 UTC
number of suspected bots' IPs listed here: 4

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:

Sunday, September 17, 2017

Botnet Statistics [2017-09-16]

detection period: 2017-09-16 00:00-23:59 UTC
total number of suspected botnet IPs: 123
number of botnet IPs notified to network operators: 119
number of spam blocked: 6939
recipient count of spam blocked: 8409

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1Baidu52
2CHINANET-FJ13
3CHINANET-JS5
4CMNET4
5CHINANET-GD4
6UNIFIEDLAYER-NETWORK-133
7HICHINA3
8CHINANET-SN3
9UNIFIEDLAYER-NETWORK-142
10UNICOM-HA2

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China100
2United States10
3Russian Federation3
4Japan3
5Viet Nam1
6Tunisia1
7Netherlands1
8Indonesia1
9France1
10Germany1

Suspected Bot List [2017-09-16]

detection period: 2017-09-16 00:00-23:59 UTC
number of suspected bots' IPs listed here: 4

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:

Saturday, September 16, 2017

Botnet Statistics [2017-09-15]

detection period: 2017-09-15 00:00-23:59 UTC
total number of suspected botnet IPs: 173
number of botnet IPs notified to network operators: 172
number of spam blocked: 16068
recipient count of spam blocked: 25378

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1Baidu52
2WASU33
3CHINANET-JS15
4UNIFIEDLAYER-NETWORK-138
5CHINANET-SD8
6CHINANET-FJ7
7CHINANET-GD6
8UNIFIEDLAYER-NETWORK-144
9CHINANET-JX4
10CMNET3

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China146
2United States17
3Japan2
4Hong Kong2
5Taiwan1
6Tunisia1
7Singapore1
8Russian Federation1
9France1
10Canada1

Suspected Bot List [2017-09-15]

detection period: 2017-09-15 00:00-23:59 UTC
number of suspected bots' IPs listed here: 1

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:

Friday, September 15, 2017

Botnet Statistics [2017-09-14]

detection period: 2017-09-14 00:00-23:59 UTC
total number of suspected botnet IPs: 334
number of botnet IPs notified to network operators: 324
number of spam blocked: 6626
recipient count of spam blocked: 50086

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1WASU84
2CMNET65
3Baidu52
4CHINANET-FJ12
5CHINANET-JX9
6CHINANET-SD7
7CHINANET-JS6
8HICHINA5
9CHINANET-GD5
10CHINANET-ZJ-ZX4

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China277
2India8
3United States6
4Viet Nam5
5Brazil5
6Iran3
7Bulgaria3
8Taiwan2
9Tunisia2
10Nigeria2

Suspected Bot List [2017-09-14]

detection period: 2017-09-14 00:00-23:59 UTC
number of suspected bots' IPs listed here: 10

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:

Thursday, September 14, 2017

Botnet Statistics [2017-09-13]

detection period: 2017-09-13 00:00-23:59 UTC
total number of suspected botnet IPs: 572
number of botnet IPs notified to network operators: 548
number of spam blocked: 20837
recipient count of spam blocked: 125573

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1MSFT233
2WASU78
3Baidu52
4CMNET50
5CHINANET-JS14
6CHINANET-FJ14
7ALISOFT12
8UNIFIEDLAYER-NETWORK-147
9CHINANET-SD7
10CHINANET-HB7

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China287
2United States250
3Taiwan7
4Thailand3
5Japan3
6Bulgaria3
7Tunisia2
8Chile2
9Brazil2
10Viet Nam1

Suspected Bot List [2017-09-13]

detection period: 2017-09-13 00:00-23:59 UTC
number of suspected bots' IPs listed here: 24

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
BO200.7.160.167Bolivia
TH61.7.236.60Thailand
TH125.26.207.22Thailand
TW123.194.224.234Taiwan
UY179.25.182.47Uruguay

List from greylisting:

Wednesday, September 13, 2017

Suspected Bots' IP List for August 2017

To encourage cyber security information sharing (as some form of open data) while still giving victims enough time to clean up their computers, the IP list of suspected infected computers will be released here (as shown below). You are free to use them to create more effective defenses, discover latest trends in cyber attacks, etc.

Suspected Bots IP [2017-08-01]
Suspected Bots IP [2017-08-02]
Suspected Bots IP [2017-08-03]
Suspected Bots IP [2017-08-04]
Suspected Bots IP [2017-08-05]
Suspected Bots IP [2017-08-06]
Suspected Bots IP [2017-08-07]
Suspected Bots IP [2017-08-08]
Suspected Bots IP [2017-08-09]
Suspected Bots IP [2017-08-10]
Suspected Bots IP [2017-08-11]
Suspected Bots IP [2017-08-12]
Suspected Bots IP [2017-08-13]
Suspected Bots IP [2017-08-14]
Suspected Bots IP [2017-08-15]
Suspected Bots IP [2017-08-16]
Suspected Bots IP [2017-08-17]
Suspected Bots IP [2017-08-18]
Suspected Bots IP [2017-08-19]
Suspected Bots IP [2017-08-20]
Suspected Bots IP [2017-08-21]
Suspected Bots IP [2017-08-22]
Suspected Bots IP [2017-08-23]
Suspected Bots IP [2017-08-24]
Suspected Bots IP [2017-08-25]
Suspected Bots IP [2017-08-26]
Suspected Bots IP [2017-08-27]
Suspected Bots IP [2017-08-28]
Suspected Bots IP [2017-08-29]
Suspected Bots IP [2017-08-30]
Suspected Bots IP [2017-08-31]

Botnet Statistics [2017-09-12]

detection period: 2017-09-12 00:00-23:59 UTC
total number of suspected botnet IPs: 379
number of botnet IPs notified to network operators: 369
number of spam blocked: 19591
recipient count of spam blocked: 19620

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1CMNET82
2MSFT59
3Baidu52
4WASU40
5CHINANET-FJ12
6CHINANET-JS11
7IINET-AU8
8UNIFIEDLAYER-NETWORK-157
9CHINANET-JX7
10CHINANET-AH7

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China255
2United States74
3India8
4Australia8
5Viet Nam5
6Iran4
7Mexico3
8Japan3
9Peru2
10Ukraine1

Suspected Bot List [2017-09-12]

detection period: 2017-09-12 00:00-23:59 UTC
number of suspected bots' IPs listed here: 10

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:

Tuesday, September 12, 2017

Botnet Statistics [2017-09-11]

detection period: 2017-09-11 00:00-23:59 UTC
total number of suspected botnet IPs: 334
number of botnet IPs notified to network operators: 311
number of spam blocked: 17042
recipient count of spam blocked: 17051

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1CMNET59
2Baidu52
3WASU28
4MSFT14
5CHINANET-FJ11
6UNIFIEDLAYER-NETWORK-158
7CHINANET-JS7
8VNPT-VNNIC-VN6
9UNIFIEDLAYER-NETWORK-146
10CHINANET-HN6

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China203
2United States33
3Viet Nam18
4India10
5Iran6
6Brazil6
7Turkey5
8Mexico4
9Italy4
10Colombia4

Suspected Bot List [2017-09-11]

detection period: 2017-09-11 00:00-23:59 UTC
number of suspected bots' IPs listed here: 23

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:

Monday, September 11, 2017

Botnet Statistics [2017-09-10]

detection period: 2017-09-10 00:00-23:59 UTC
total number of suspected botnet IPs: 150
number of botnet IPs notified to network operators: 144
number of spam blocked: 4086
recipient count of spam blocked: 4086

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1MSFT53
2Baidu52
3IINET-AU5
4CHINANET-JS4
5UNIFIEDLAYER-NETWORK-143
6CHINANET-SD3
7CHINANET-GD3
8CHINANET-FJ3
9UNIFIEDLAYER-NETWORK-152
10tonghnetwork1

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China76
2United States61
3Australia5
4Viet Nam1
5Tunisia1
6Russian Federation1
7Nigeria1
8South Korea1
9Japan1
10Italy1

Suspected Bot List [2017-09-10]

detection period: 2017-09-10 00:00-23:59 UTC
number of suspected bots' IPs listed here: 6

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:

Friday, September 8, 2017

Botnet Statistics [2017-09-07]

detection period: 2017-09-07 00:00-23:59 UTC
total number of suspected botnet IPs: 259
number of botnet IPs notified to network operators: 227
number of spam blocked: 18426
recipient count of spam blocked: 71151

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1Baidu52
2CHINANET-GD16
3CHINANET-FJ13
4UNIFIEDLAYER-NETWORK-1412
5CHINANET-JS9
6VNPT-VNNIC-VN8
7VIETEL-VNNIC-VN4
8CHINANET-SD4
9CHINANET-AH4
10BHARTI-IN4

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China133
2Viet Nam20
3United States19
4India16
5Mexico9
6Italy6
7Taiwan4
8Thailand4
9Colombia4
10Argentina3

Suspected Bot List [2017-09-07]

detection period: 2017-09-07 00:00-23:59 UTC
number of suspected bots' IPs listed here: 32

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
BO200.7.160.167Bolivia
TH61.7.241.50Thailand
TH123.242.161.20Thailand
UY179.25.175.155Uruguay

List from greylisting:

Thursday, September 7, 2017

Botnet Statistics [2017-09-06]

detection period: 2017-09-06 00:00-23:59 UTC
total number of suspected botnet IPs: 293
number of botnet IPs notified to network operators: 261
number of spam blocked: 20935
recipient count of spam blocked: 46279

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1Baidu51
2CHINANET-GD12
3CHINANET-SD11
4CHINANET-FJ11
5VNPT-VNNIC-VN10
6CHINANET-JS9
7UNIFIEDLAYER-NETWORK-147
8UNIFIEDLAYER-NETWORK-156
9HICHINA6
10ALISOFT6

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China150
2United States19
3Viet Nam17
4India13
5Mexico10
6Iran8
7Brazil8
8Colombia6
9Chile6
10Indonesia5

Suspected Bot List [2017-09-06]

detection period: 2017-09-06 00:00-23:59 UTC
number of suspected bots' IPs listed here: 32

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
BO200.7.160.167Bolivia
TH125.26.207.22Thailand

List from greylisting:

Wednesday, September 6, 2017

Botnet Statistics [2017-09-05]

detection period: 2017-09-05 00:00-23:59 UTC
total number of suspected botnet IPs: 203
number of botnet IPs notified to network operators: 177
number of spam blocked: 19208
recipient count of spam blocked: 19208

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1Baidu52
2CHINANET-JS11
3CHINANET-GD10
4UNIFIEDLAYER-NETWORK-147
5CHINANET-SD7
6LSN-DLLSTX-26
7CMNET6
8CHINANET-FJ6
9BHARTI-IN5
10CHINANET-HN3

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China116
2India18
3United States16
4Viet Nam8
5Brazil5
6Iran4
7Philippines3
8Russian Federation2
9Netherlands2
10Mexico2

Suspected Bot List [2017-09-05]

detection period: 2017-09-05 00:00-23:59 UTC
number of suspected bots' IPs listed here: 26

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:

Tuesday, September 5, 2017

Botnet Statistics [2017-09-04]

detection period: 2017-09-04 00:00-23:59 UTC
total number of suspected botnet IPs: 161
number of botnet IPs notified to network operators: 149
number of spam blocked: 5937
recipient count of spam blocked: 135193

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1Baidu52
2CHINANET-GD6
3CHINANET-JS5
4VNPT-VNNIC-VN4
5HICHINA4
6UNICOM-GD3
7LSN-DLLSTX-23
8CHINANET-JX3
9CHINANET-HB3
10CHINANET-HA3

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China99
2India14
3Viet Nam8
4United States7
5Iran6
6Indonesia5
7Bangladesh2
8Argentina2
9Venezuela1
10Taiwan1

Suspected Bot List [2017-09-04]

detection period: 2017-09-04 00:00-23:59 UTC
number of suspected bots' IPs listed here: 12

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:

Monday, September 4, 2017

Botnet Statistics [2017-09-03]

detection period: 2017-09-03 00:00-23:59 UTC
total number of suspected botnet IPs: 100
number of botnet IPs notified to network operators: 96
number of spam blocked: 3652
recipient count of spam blocked: 3652

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1Baidu48
2CHINANET-GD8
3CMNET4
4LSN-DLLSTX-23
5CHINANET-ZJ3
6HICHINA2
7DXTNET2
8CHINANET-SN2
9CHINANET-JS2
10tonghnetwork1

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China87
2United States3
3Romania1
4Mexico1
5Kuwait1
6South Korea1
7Italy1
8India1
9United Kingdom1
10Spain1

Suspected Bot List [2017-09-03]

detection period: 2017-09-03 00:00-23:59 UTC
number of suspected bots' IPs listed here: 4

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:

Sunday, September 3, 2017

Botnet Statistics [2017-09-02]

detection period: 2017-09-02 00:00-23:59 UTC
total number of suspected botnet IPs: 139
number of botnet IPs notified to network operators: 127
number of spam blocked: 8716
recipient count of spam blocked: 39692

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1Baidu44
2CHINANET-GD12
3HICHINA8
4ALISOFT7
5LSN-DLLSTX-25
6CHINANET-JS5
7CHINANET-JX3
8totnet2
9TencentCloud2
10OVH-ARIN-62

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China97
2United States8
3Thailand6
4Russian Federation4
5Canada4
6Taiwan2
7South Korea2
8Indonesia2
9Germany2
10Chile2

Suspected Bot List [2017-09-02]

detection period: 2017-09-02 00:00-23:59 UTC
number of suspected bots' IPs listed here: 12

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
TH61.7.236.60Thailand
TH61.7.241.50Thailand
TH61.19.33.74Thailand
TH125.24.137.52Thailand
TH125.26.207.22Thailand

List from greylisting:

Saturday, September 2, 2017

Botnet Statistics for August 2017

detection period: 2017-08-01 00:00 - 2017-08-31 23:59 UTC
total number of suspected botnet IPs: 9013
number of blocked spams: 1396677
recipient count of blocked spams: 30757477

The top 25 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China4954
2United States1497
3India358
4Viet Nam283
5Taiwan184
6Poland128
7Brazil113
8Hong Kong111
9Russian Federation97
10Netherlands95
11Czech Republic73
12Iran68
13United Kingdom59
14Indonesia56
15Bulgaria48
16Chile44
17Pakistan41
18Germany40
19Canada38
20Italy37
21Mexico35
22Colombia33
23Bangladesh33
24Turkey32
25Thailand29

The top 25 countries (as defined by the 2-character country code), ordered by number of blocked spams are:

RankCountry# of blocked spams
1China416753
2United States219893
3South Korea146727
4Poland130592
5Brazil128491
6Russian Federation66056
7Venezuela40183
8United Kingdom26491
9South Africa21861
10Hong Kong20718
11Canada16188
12Netherlands15145
13Azerbaijan14865
14Czech Republic13094
15Saint Kitts And Nevis12073
16Germany11993
17Viet Nam11733
18Singapore10211
19Japan8896
20France8158
21Bulgaria7076
22Arab Emirates6979
23Libya4352
24Mexico3705
25Norway3428

The top 25 countries (as defined by the 2-character country code), ordered by recipient count of blocked spams are:

Botnet Statistics [2017-09-01]

detection period: 2017-09-01 00:00-23:59 UTC
total number of suspected botnet IPs: 214
number of botnet IPs notified to network operators: 178
number of spam blocked: 17265
recipient count of spam blocked: 17265

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1CMNET43
2Baidu36
3WASU18
4UNIFIEDLAYER-NETWORK-1411
5CHINANET-GD6
6VNPT-VNNIC-VN5
7CHINANET-JS5
8UNICOM4
9CHINANET-YN4
10BSNLNET4

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China134
2India20
3United States16
4Viet Nam13
5Russian Federation3
6Brazil3
7Thailand2
8Pakistan2
9Spain2
10Ukraine1

Suspected Bot List [2017-09-01]

detection period: 2017-09-01 00:00-23:59 UTC
number of suspected bots' IPs listed here: 36

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:

Friday, September 1, 2017

Botnet Statistics [2017-08-31]

detection period: 2017-08-31 00:00-23:59 UTC
total number of suspected botnet IPs: 391
number of botnet IPs notified to network operators: 353
number of spam blocked: 24226
recipient count of spam blocked: 86214

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1CMNET81
2WASU43
3Baidu36
4CHINANET-JS25
5VNPT-VNNIC-VN11
6CHINANET-GD9
7BSNLNET8
8BHARTI-IN8
9UNICOM7
10HICHINA7

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China242
2India39
3Viet Nam21
4United States16
5Brazil5
6Bangladesh5
7Turkey4
8Pakistan4
9Iran4
10Indonesia4

Suspected Bot List [2017-08-31]

detection period: 2017-08-31 00:00-23:59 UTC
number of suspected bots' IPs listed here: 38

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
BO190.129.65.242Bolivia
CA167.114.39.68Canada
GR62.169.214.53Greece
PK202.61.51.123Pakistan
TH125.26.207.22Thailand

List from greylisting: