Custom Search

Thursday, May 31, 2018

Botnet Statistics [2018-05-30]

detection period: 2018-05-30 00:00-23:59 UTC
total number of suspected botnet IPs: 645
number of botnet IPs notified to network operators: 592
number of spam blocked: 17335
recipient count of spam blocked: 326530

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1TencentCloud20
2KORNET-KR18
3CMNET12
4CHINANET-JS12
5CHINANET-GD11
6broadNnet-KR8
7HINET-NET7
8CO-ACSA-LACNIC7
9Baidu7
10GO-DADDY-COM-LLC6

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China163
2United States56
3France50
4South Korea35
5Brazil34
6India29
7Russian Federation26
8Viet Nam19
9Italy15
10Indonesia15

Suspected Bot List [2018-05-30]

detection period: 2018-05-30 00:00-23:59 UTC
number of suspected bots' IPs listed here: 53

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
VE190.202.116.101Venezuela

List from greylisting:

Wednesday, May 30, 2018

Botnet Statistics [2018-05-29]

detection period: 2018-05-29 00:00-23:59 UTC
total number of suspected botnet IPs: 559
number of botnet IPs notified to network operators: 518
number of spam blocked: 25195
recipient count of spam blocked: 442946

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1KORNET-KR19
2TencentCloud16
3CHINANET-JS13
4CO-ACSA-LACNIC8
5broadNnet-KR7
6CMNET7
7VNPT-VNNIC-VN6
8FR-OVH6
9DOPI16
10CHINANET-GD5

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China120
2United States48
3France48
4South Korea38
5Russian Federation25
6Brazil23
7India21
8United Kingdom17
9Viet Nam16
10Germany16

Suspected Bot List [2018-05-29]

detection period: 2018-05-29 00:00-23:59 UTC
number of suspected bots' IPs listed here: 41

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
VE190.202.116.101Venezuela

List from greylisting:

Tuesday, May 29, 2018

Botnet Statistics [2018-05-28]

detection period: 2018-05-28 00:00-23:59 UTC
total number of suspected botnet IPs: 204
number of botnet IPs notified to network operators: 187
number of spam blocked: 8433
recipient count of spam blocked: 171123

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1CHINANET-JS7
2TencentCloud5
3VNPT-VNNIC-VN4
4CMNET4
5VIETEL-VN3
6KORNET-KR3
7KIDC-KR3
8CHINANET-ZJ3
9CHINANET-SH3
10informtech-nforce2

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China49
2United States29
3France19
4Russian Federation11
5Brazil10
6Viet Nam9
7South Korea7
8Italy5
9Malaysia4
10India4

Suspected Bot List [2018-05-28]

detection period: 2018-05-28 00:00-23:59 UTC
number of suspected bots' IPs listed here: 17

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:

Monday, May 28, 2018

Suspected Bots' IP List for April 2018

To encourage cyber security information sharing (as some form of open data) while still giving victims enough time to clean up their computers, the IP list of suspected infected computers will be released here (as shown below). You are free to use them to create more effective defenses, discover latest trends in cyber attacks, etc.

Suspected Bots IP [2018-04-01]
Suspected Bots IP [2018-04-02]
Suspected Bots IP [2018-04-03]
Suspected Bots IP [2018-04-04]
Suspected Bots IP [2018-04-05]
Suspected Bots IP [2018-04-06]
Suspected Bots IP [2018-04-07]
Suspected Bots IP [2018-04-08]
Suspected Bots IP [2018-04-09]
Suspected Bots IP [2018-04-10]
Suspected Bots IP [2018-04-11]
Suspected Bots IP [2018-04-12]
Suspected Bots IP [2018-04-13]
Suspected Bots IP [2018-04-14]
Suspected Bots IP [2018-04-15]
Suspected Bots IP [2018-04-16]
Suspected Bots IP [2018-04-17]
Suspected Bots IP [2018-04-18]
Suspected Bots IP [2018-04-19]
Suspected Bots IP [2018-04-20]
Suspected Bots IP [2018-04-21]
Suspected Bots IP [2018-04-22]
Suspected Bots IP [2018-04-23]
Suspected Bots IP [2018-04-24]
Suspected Bots IP [2018-04-25]
Suspected Bots IP [2018-04-26]
Suspected Bots IP [2018-04-27]
Suspected Bots IP [2018-04-28]
Suspected Bots IP [2018-04-29]
Suspected Bots IP [2018-04-30]

Botnet Statistics [2018-05-27]

detection period: 2018-05-27 00:00-23:59 UTC
total number of suspected botnet IPs: 141
number of botnet IPs notified to network operators: 135
number of spam blocked: 21092
recipient count of spam blocked: 631966

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1TencentCloud8
2CMNET6
3VNPT-VNNIC-VN5
4CHINANET-JS5
5CO-ACSA-LACNIC4
6KORNET-KR3
7EC-ANSA-LACNIC3
8CHINANET-ZJ3
9Baidu3
10broadNnet-KR2

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China46
2United States15
3South Korea8
4Viet Nam6
5Italy5
6Colombia5
7Brazil5
8Germany4
9Malaysia3
10India3

Suspected Bot List [2018-05-27]

detection period: 2018-05-27 00:00-23:59 UTC
number of suspected bots' IPs listed here: 6

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:

Sunday, May 27, 2018

Botnet Statistics [2018-05-26]

detection period: 2018-05-26 00:00-23:59 UTC
total number of suspected botnet IPs: 180
number of botnet IPs notified to network operators: 168
number of spam blocked: 30891
recipient count of spam blocked: 796491

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1TencentCloud11
2CHINANET-JS8
3CHINANET-ZJ4
4broadNnet-KR3
5KORNET-KR3
6CHINANET-YN3
7CHINANET-JX3
8VNPT-VNNIC-VN2
9UNICOM-LN2
10UNICOM-CN2

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China63
2United States18
3Italy12
4France9
5South Korea8
6Thailand7
7Russian Federation7
8India6
9Brazil6
10Colombia4

Suspected Bot List [2018-05-26]

detection period: 2018-05-26 00:00-23:59 UTC
number of suspected bots' IPs listed here: 12

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:

Saturday, May 26, 2018

Botnet Statistics [2018-05-25]

detection period: 2018-05-25 00:00-23:59 UTC
total number of suspected botnet IPs: 370
number of botnet IPs notified to network operators: 352
number of spam blocked: 35237
recipient count of spam blocked: 824124

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1TencentCloud13
2KORNET-KR11
3CHINANET-JS10
4VNPT-VNNIC-VN7
5TENCENT-CN6
6broadNnet-KR5
7ZZGIANT4
8FR-OVH4
9DOPI14
10CO-ACSA-LACNIC4

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China86
2United States43
3France36
4Russian Federation20
5South Korea19
6Brazil19
7India18
8Italy15
9Viet Nam11
10United Kingdom9

Suspected Bot List [2018-05-25]

detection period: 2018-05-25 00:00-23:59 UTC
number of suspected bots' IPs listed here: 18

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:

Friday, May 25, 2018

Botnet Statistics [2018-05-24]

detection period: 2018-05-24 00:00-23:59 UTC
total number of suspected botnet IPs: 628
number of botnet IPs notified to network operators: 581
number of spam blocked: 42718
recipient count of spam blocked: 1145066

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1TencentCloud20
2KORNET-KR13
3CHINANET-JS12
4broadNnet-KR10
5GO-DADDY-COM-LLC9
6CO-ACSA-LACNIC9
7CMNET9
8OVH6
9AT-88-Z6
10VNPT-VNNIC-VN5

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China130
2United States74
3France56
4South Korea37
5India35
6Brazil28
7Russian Federation26
8Germany20
9Viet Nam16
10United Kingdom15

Suspected Bot List [2018-05-24]

detection period: 2018-05-24 00:00-23:59 UTC
number of suspected bots' IPs listed here: 47

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
VE190.202.116.101Venezuela

List from greylisting:

Thursday, May 24, 2018

Botnet Statistics [2018-05-23]

detection period: 2018-05-23 00:00-23:59 UTC
total number of suspected botnet IPs: 579
number of botnet IPs notified to network operators: 538
number of spam blocked: 50573
recipient count of spam blocked: 1310585

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1TencentCloud16
2KORNET-KR14
3CO-ACSA-LACNIC11
4CMNET11
5CHINANET-GD10
6CHINANET-JS9
7HINET-NET6
8GO-DADDY-COM-LLC6
9broadNnet-KR5
10VIETEL-VN5

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China133
2United States67
3France45
4South Korea33
5Brazil25
6India21
7Germany20
8Colombia20
9Russian Federation17
10Italy17

Suspected Bot List [2018-05-23]

detection period: 2018-05-23 00:00-23:59 UTC
number of suspected bots' IPs listed here: 42

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
VE190.202.116.101Venezuela

List from greylisting:

Wednesday, May 23, 2018

Botnet Statistics [2018-05-22]

detection period: 2018-05-22 00:00-23:59 UTC
total number of suspected botnet IPs: 399
number of botnet IPs notified to network operators: 363
number of spam blocked: 39593
recipient count of spam blocked: 1014544

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1TencentCloud16
2KORNET-KR11
3CHINANET-JS8
4GOOGLE-CLOUD5
5CHINANET-GD5
6broadNnet-KR4
7THAINET-TH4
8CO-ACSA-LACNIC4
9Baidu4
10AT-88-Z4

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China78
2United States56
3France24
4South Korea20
5Russian Federation18
6India16
7Germany15
8Brazil15
9Canada14
10Thailand11

Suspected Bot List [2018-05-22]

detection period: 2018-05-22 00:00-23:59 UTC
number of suspected bots' IPs listed here: 36

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
VE190.202.116.101Venezuela

List from greylisting:

Tuesday, May 22, 2018

Botnet Statistics [2018-05-21]

detection period: 2018-05-21 00:00-23:59 UTC
total number of suspected botnet IPs: 321
number of botnet IPs notified to network operators: 305
number of spam blocked: 24940
recipient count of spam blocked: 664158

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1KORNET-KR10
2TencentCloud9
3CHINANET-JX6
4CHINANET-JS6
5broadNnet-KR4
6THAINET-TH4
7GOOGLE-CLOUD4
8FR-OVH4
9AT-88-Z4
10hcmccable-net3

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China56
2United States55
3France28
4South Korea18
5India17
6Russian Federation15
7Germany14
8Brazil12
9Viet Nam8
10Italy8

Suspected Bot List [2018-05-21]

detection period: 2018-05-21 00:00-23:59 UTC
number of suspected bots' IPs listed here: 16

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:

Monday, May 21, 2018

Botnet Statistics [2018-05-20]

detection period: 2018-05-20 00:00-23:59 UTC
total number of suspected botnet IPs: 200
number of botnet IPs notified to network operators: 192
number of spam blocked: 24381
recipient count of spam blocked: 761293

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1TencentCloud13
2KORNET-KR7
3CHINANET-JX7
4VNPT-VNNIC-VN5
5TENCENT-CN4
6CHINANET-JS4
7CMNET3
8CHINANET-ZJ3
9CHINANET-SH3
10CHINANET-GD3

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China70
2United States24
3Brazil11
4South Korea10
5France10
6Russian Federation9
7Italy9
8Viet Nam6
9India4
10United Kingdom3

Suspected Bot List [2018-05-20]

detection period: 2018-05-20 00:00-23:59 UTC
number of suspected bots' IPs listed here: 8

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:

Sunday, May 20, 2018

Botnet Statistics [2018-05-19]

detection period: 2018-05-19 00:00-23:59 UTC
total number of suspected botnet IPs: 458
number of botnet IPs notified to network operators: 423
number of spam blocked: 25387
recipient count of spam blocked: 760381

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1TencentCloud17
2KORNET-KR14
3TENCENT-CN8
4VNPT-VNNIC-VN7
5CMNET7
6CHINANET-JS7
7CHINANET-GD6
8broadNnet-KR5
9AT-88-Z5
10MSFT4

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China112
2United States54
3France29
4South Korea28
5India21
6Brazil18
7Russian Federation17
8Italy14
9Viet Nam13
10Indonesia13

Suspected Bot List [2018-05-19]

detection period: 2018-05-19 00:00-23:59 UTC
number of suspected bots' IPs listed here: 37

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:

Saturday, May 19, 2018

Botnet Statistics [2018-05-18]

detection period: 2018-05-18 00:00-23:59 UTC
total number of suspected botnet IPs: 288
number of botnet IPs notified to network operators: 271
number of spam blocked: 26242
recipient count of spam blocked: 637784

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1TencentCloud11
2KORNET-KR8
3VNPT-VNNIC-VN5
4MSFT5
5CHINANET-JX5
6CHINANET-JS5
7VE-CSVE-LACNIC4
8UNKNOWN4
9DOPI14
10BORANET-KR4

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China69
2United States36
3France26
4South Korea15
5India12
6Viet Nam10
7Russian Federation9
8Brazil9
9Italy7
10United Kingdom7

Suspected Bot List [2018-05-18]

detection period: 2018-05-18 00:00-23:59 UTC
number of suspected bots' IPs listed here: 17

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:

Friday, May 18, 2018

Botnet Statistics [2018-05-17]

detection period: 2018-05-17 00:00-23:59 UTC
total number of suspected botnet IPs: 455
number of botnet IPs notified to network operators: 420
number of spam blocked: 30412
recipient count of spam blocked: 752656

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1TencentCloud18
2KORNET-KR10
3MSFT8
4VNPT-VNNIC-VN7
5CHINANET-ZJ6
6broadNnet-KR5
7CHINANET-JS5
8CHINANET-GD5
9UNICOM-AH4
10IUNET-BNET804

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China88
2United States69
3France36
4South Korea24
5India19
6Brazil17
7Russian Federation16
8Italy16
9Viet Nam15
10Indonesia10

Suspected Bot List [2018-05-17]

detection period: 2018-05-17 00:00-23:59 UTC
number of suspected bots' IPs listed here: 35

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
VE190.202.116.101Venezuela

List from greylisting:

Thursday, May 17, 2018

Botnet Statistics [2018-05-16]

detection period: 2018-05-16 00:00-23:59 UTC
total number of suspected botnet IPs: 432
number of botnet IPs notified to network operators: 402
number of spam blocked: 29709
recipient count of spam blocked: 735337

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1TencentCloud10
2CHINANET-JS10
3KORNET-KR7
4MSFT6
5CHINANET-GD5
6AT-88-Z5
7TRIPLETNET-TH4
8TELKOMNET4
9FR-OVH-201201164
10CMNET4

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China86
2United States72
3France34
4Brazil20
5India17
6Thailand14
7Italy14
8Russian Federation13
9South Korea12
10Germany11

Suspected Bot List [2018-05-16]

detection period: 2018-05-16 00:00-23:59 UTC
number of suspected bots' IPs listed here: 30

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
VE190.202.116.101Venezuela

List from greylisting:

Wednesday, May 16, 2018

Botnet Statistics [2018-05-15]

detection period: 2018-05-15 00:00-23:59 UTC
total number of suspected botnet IPs: 585
number of botnet IPs notified to network operators: 546
number of spam blocked: 28228
recipient count of spam blocked: 617421

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1TencentCloud13
2KORNET-KR13
3VNPT-VNNIC-VN8
4OVH6
5GOOGLE-CLOUD6
6CHINANET-GD6
7MSFT5
8KRNIC-KR5
9HINET-NET5
10NON-RIPE-NCC-MANAGED-ADDRESS-BLOCK4

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China99
2United States79
3France60
4South Korea28
5Germany23
6Brazil22
7Russian Federation20
8Italy20
9India19
10Thailand18

Suspected Bot List [2018-05-15]

detection period: 2018-05-15 00:00-23:59 UTC
number of suspected bots' IPs listed here: 39

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
CZ185.82.212.95Czech Republic
PY181.40.78.162Paraguay
VE190.202.116.101Venezuela

List from greylisting:

Tuesday, May 15, 2018

Botnet Statistics [2018-05-14]

detection period: 2018-05-14 00:00-23:59 UTC
total number of suspected botnet IPs: 625
number of botnet IPs notified to network operators: 590
number of spam blocked: 18521
recipient count of spam blocked: 538317

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1OVH10
2CHINANET-JS9
3MSFT8
4GOOGLE-CLOUD8
5CHINANET-GD8
6KORNET-KR7
7HINET-NET7
8GO-DADDY-COM-LLC7
9TencentCloud6
10FR-OVH-201201165

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China106
2United States85
3France65
4Germany34
5Brazil32
6Russian Federation30
7South Korea25
8India22
9Viet Nam17
10Italy17

Suspected Bot List [2018-05-14]

detection period: 2018-05-14 00:00-23:59 UTC
number of suspected bots' IPs listed here: 35

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:

Monday, May 14, 2018

Botnet Statistics [2018-05-13]

detection period: 2018-05-13 00:00-23:59 UTC
total number of suspected botnet IPs: 344
number of botnet IPs notified to network operators: 320
number of spam blocked: 17609
recipient count of spam blocked: 527690

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1CHINANET-GD7
2CHINANET-JS6
3VNPT-VNNIC-VN5
4TencentCloud5
5GOOGLE-CLOUD5
6CHINANET-ZJ5
7broadNnet-KR4
8EU-DIGITALOCEAN-200906054
9OVH3
10KORNET-KR3

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China69
2United States39
3France30
4Russian Federation22
5Brazil19
6Germany16
7Viet Nam11
8South Korea10
9India10
10United Kingdom10

Suspected Bot List [2018-05-13]

detection period: 2018-05-13 00:00-23:59 UTC
number of suspected bots' IPs listed here: 24

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:

Sunday, May 13, 2018

Botnet Statistics for April 2018

detection period: 2018-04-01 00:00 - 2018-04-30 23:59 UTC
total number of suspected botnet IPs: 2995
number of blocked spams: 1098649
recipient count of blocked spams: 28440105

The top 25 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China479
2United States439
3France219
4Germany155
5South Korea144
6Russian Federation134
7Viet Nam116
8Brazil116
9India102
10United Kingdom84
11Canada67
12Italy57
13Taiwan53
14Colombia50
15Netherlands48
16Indonesia44
17Ukraine36
18Spain35
19Thailand30
20Poland29
21Mexico29
22Egypt26
23Ecuador25
24Singapore24
25Japan24

The top 25 countries (as defined by the 2-character country code), ordered by number of blocked spams are:

RankCountry# of blocked spams
1China706089
2Czech Republic68934
3United States68395
4Hong Kong61707
5Venezuela60462
6Japan35439
7Netherlands27995
8Tunisia27809
9Germany14925
10Thailand10306
11Poland7023
12Ireland4215
13France1649
14ZZ1228
15South Korea847
16India312
17Colombia286
18United Kingdom256
19Viet Nam224
20Indonesia109
21Kuwait82
22Saudi Arabia56
23Ethiopia42
24Taiwan34
25Bangladesh25

The top 25 countries (as defined by the 2-character country code), ordered by recipient count of blocked spams are:

Botnet Statistics [2018-05-12]

detection period: 2018-05-12 00:00-23:59 UTC
total number of suspected botnet IPs: 428
number of botnet IPs notified to network operators: 409
number of spam blocked: 18459
recipient count of spam blocked: 580087

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1KORNET-KR11
2TencentCloud8
3CHINANET-JS7
4broadNnet-KR5
5VNPT-VNNIC-VN5
6GO-DADDY-COM-LLC5
7CHINANET-GD5
8TENCENT-CN4
9HINET-NET4
10CABLE-14

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China74
2United States59
3France32
4South Korea26
5Russian Federation22
6India19
7Indonesia18
8Viet Nam16
9Brazil15
10Italy14

Suspected Bot List [2018-05-12]

detection period: 2018-05-12 00:00-23:59 UTC
number of suspected bots' IPs listed here: 19

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:

Saturday, May 12, 2018

Botnet Statistics [2018-05-11]

detection period: 2018-05-11 00:00-23:59 UTC
total number of suspected botnet IPs: 405
number of botnet IPs notified to network operators: 383
number of spam blocked: 22741
recipient count of spam blocked: 585677

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1VNPT-VNNIC-VN12
2TencentCloud8
3CHINANET-JS7
4KORNET-KR6
5broadNnet-KR5
6TELKOMNET5
7GO-DADDY-COM-LLC5
8DIGITALOCEAN-AP4
9TENCENT-CN3
10OVH3

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China64
2United States47
3France38
4Viet Nam23
5Russian Federation22
6South Korea20
7Brazil17
8India16
9Indonesia13
10Germany13

Suspected Bot List [2018-05-11]

detection period: 2018-05-11 00:00-23:59 UTC
number of suspected bots' IPs listed here: 22

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
VE190.202.116.101Venezuela

List from greylisting:

Friday, May 11, 2018

Botnet Statistics [2018-05-10]

detection period: 2018-05-10 00:00-23:59 UTC
total number of suspected botnet IPs: 550
number of botnet IPs notified to network operators: 515
number of spam blocked: 28979
recipient count of spam blocked: 630448

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1TencentCloud23
2broadNnet-KR8
3CHINANET-JS7
4VNPT-VNNIC-VN6
5GO-DADDY-COM-LLC6
6KORNET-KR5
7HINET-NET5
8CHINANET-GD5
9CABLE-15
10OVH4

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China91
2United States66
3France41
4Russian Federation36
5Brazil28
6South Korea26
7India25
8Canada16
9Viet Nam15
10Italy15

Suspected Bot List [2018-05-10]

detection period: 2018-05-10 00:00-23:59 UTC
number of suspected bots' IPs listed here: 35

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
VE190.202.116.101Venezuela

List from greylisting:

Thursday, May 10, 2018

Botnet Statistics [2018-05-09]

detection period: 2018-05-09 00:00-23:59 UTC
total number of suspected botnet IPs: 585
number of botnet IPs notified to network operators: 555
number of spam blocked: 26090
recipient count of spam blocked: 606931

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1TencentCloud15
2KORNET-KR13
3CO-ACSA-LACNIC12
4broadNnet-KR10
5GO-DADDY-COM-LLC10
6CHINANET-JS7
7VNPT-VNNIC-VN6
8HINET-NET5
9FR-OVH-201505225
10FR-OVH-200609205

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1United States83
2China71
3France52
4South Korea34
5Germany34
6Russian Federation29
7India24
8Brazil22
9Viet Nam19
10Colombia15

Suspected Bot List [2018-05-09]

detection period: 2018-05-09 00:00-23:59 UTC
number of suspected bots' IPs listed here: 30

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
VE190.202.116.101Venezuela

List from greylisting:

Wednesday, May 9, 2018

Botnet Statistics [2018-05-08]

detection period: 2018-05-08 00:00-23:59 UTC
total number of suspected botnet IPs: 395
number of botnet IPs notified to network operators: 373
number of spam blocked: 20588
recipient count of spam blocked: 536945

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1TencentCloud17
2KORNET-KR13
3CHINANET-JS7
4TELKOMNET6
5HINET-NET6
6CHINANET-GD6
7broadNnet-KR5
8TENCENT-CN4
9micronet3
10hcmccable-net3

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China81
2United States38
3South Korea25
4France24
5Brazil22
6India20
7Indonesia19
8Viet Nam14
9Germany13
10Russian Federation12

Suspected Bot List [2018-05-08]

detection period: 2018-05-08 00:00-23:59 UTC
number of suspected bots' IPs listed here: 20

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
VE190.202.116.101Venezuela

List from greylisting:

Tuesday, May 8, 2018

Botnet Statistics [2018-05-07]

detection period: 2018-05-07 00:00-23:59 UTC
total number of suspected botnet IPs: 303
number of botnet IPs notified to network operators: 283
number of spam blocked: 22397
recipient count of spam blocked: 555549

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1TencentCloud11
2KORNET-KR7
3CHINANET-JS7
4VNPT-VNNIC-VN5
5broadNnet-KR4
6TATACOMM-IN4
7OPC14
8GO-DADDY-COM-LLC4
9EU-DIGITALOCEAN-200906054
10TENCENT-CN3

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China60
2United States41
3France24
4South Korea16
5Viet Nam15
6India11
7Brazil11
8Russian Federation10
9Italy10
10Indonesia9

Suspected Bot List [2018-05-07]

detection period: 2018-05-07 00:00-23:59 UTC
number of suspected bots' IPs listed here: 20

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
VE190.202.116.101Venezuela

List from greylisting:

Monday, May 7, 2018

Botnet Statistics [2018-05-06]

detection period: 2018-05-06 00:00-23:59 UTC
total number of suspected botnet IPs: 408
number of botnet IPs notified to network operators: 386
number of spam blocked: 21793
recipient count of spam blocked: 681696

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1KORNET-KR11
2GO-DADDY-COM-LLC10
3TencentCloud8
4OVH7
5FR-OVH-201203207
6broadNnet-KR6
7CHINANET-GD5
8VNPT-VNNIC-VN4
9IUNET44
10EU-DIGITALOCEAN-200906054

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1France58
2United States54
3China54
4South Korea22
5Russian Federation18
6Germany18
7Viet Nam15
8India13
9Indonesia12
10Brazil10

Suspected Bot List [2018-05-06]

detection period: 2018-05-06 00:00-23:59 UTC
number of suspected bots' IPs listed here: 22

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
VE190.202.116.101Venezuela

List from greylisting:

Sunday, May 6, 2018

Botnet Statistics [2018-05-05]

detection period: 2018-05-05 00:00-23:59 UTC
total number of suspected botnet IPs: 347
number of botnet IPs notified to network operators: 325
number of spam blocked: 19170
recipient count of spam blocked: 585178

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1TencentCloud12
2GO-DADDY-COM-LLC10
3KORNET-KR8
4CHINANET-JS6
5broadNnet-KR4
6hcmccable-net3
7VNPT-VNNIC-VN3
8UNICOM-SD3
9OVH3
10HINET-NET3

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China64
2United States50
3France35
4Russian Federation18
5South Korea16
6Viet Nam15
7India13
8Germany8
9Canada8
10Brazil8

Suspected Bot List [2018-05-05]

detection period: 2018-05-05 00:00-23:59 UTC
number of suspected bots' IPs listed here: 22

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
VE190.202.116.101Venezuela

List from greylisting:

Saturday, May 5, 2018

Botnet Statistics [2018-05-04]

detection period: 2018-05-04 00:00-23:59 UTC
total number of suspected botnet IPs: 271
number of botnet IPs notified to network operators: 243
number of spam blocked: 22538
recipient count of spam blocked: 639247

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1GO-DADDY-COM-LLC7
2KORNET-KR5
3VNPT-VNNIC-VN4
4TencentCloud4
5CHINANET-JS4
6CHINANET-GD4
7ZZGIANT3
8ETC-VN3
9CHINANET-HE3
10broadNnet-KR2

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China54
2United States42
3Russian Federation19
4Viet Nam14
5France14
6Germany11
7India10
8South Korea9
9Brazil8
10Japan7

Suspected Bot List [2018-05-04]

detection period: 2018-05-04 00:00-23:59 UTC
number of suspected bots' IPs listed here: 29

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
VE190.202.116.101Venezuela

List from greylisting:

Friday, May 4, 2018

Botnet Statistics [2018-05-03]

detection period: 2018-05-03 00:00-23:59 UTC
total number of suspected botnet IPs: 210
number of botnet IPs notified to network operators: 195
number of spam blocked: 19809
recipient count of spam blocked: 462642

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1KORNET-KR7
2VNPT-VNNIC-VN6
3CMNET5
4CHINANET-JS4
5CABLE-14
6TencentCloud3
7EU-DIGITALOCEAN-200906053
8EC-ANSA-LACNIC3
9CHINANET-ZJ3
10UNICOM-SD2

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China49
2United States30
3France19
4Viet Nam12
5South Korea11
6Russian Federation10
7India6
8Germany5
9Netherlands4
10United Kingdom4

Suspected Bot List [2018-05-03]

detection period: 2018-05-03 00:00-23:59 UTC
number of suspected bots' IPs listed here: 15

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
VE190.202.116.101Venezuela

List from greylisting:

Thursday, May 3, 2018

Botnet Statistics [2018-05-02]

detection period: 2018-05-02 00:00-23:59 UTC
total number of suspected botnet IPs: 288
number of botnet IPs notified to network operators: 270
number of spam blocked: 6730
recipient count of spam blocked: 154485

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1TencentCloud11
2KORNET-KR9
3CHINANET-GD9
4CMNET6
5VNPT-VNNIC-VN5
6VIETEL-VN4
7CHINANET-JS4
8003.420.926/0002-054
9TELKOMNET3
10DOPI13

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China91
2United States24
3France20
4Brazil17
5Viet Nam15
6Germany13
7South Korea12
8United Kingdom9
9Indonesia7
10Russian Federation6

Suspected Bot List [2018-05-02]

detection period: 2018-05-02 00:00-23:59 UTC
number of suspected bots' IPs listed here: 18

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
VE190.202.116.101Venezuela

List from greylisting:

Wednesday, May 2, 2018

Botnet Statistics [2018-05-01]

detection period: 2018-05-01 00:00-23:59 UTC
total number of suspected botnet IPs: 387
number of botnet IPs notified to network operators: 365
number of spam blocked: 14464
recipient count of spam blocked: 433398

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1TencentCloud11
2KORNET-KR9
3broadNnet-KR6
4CHINANET-GD6
5OVH5
6GOOGLE-CLOUD5
7FR-OVH5
8CHINANET-SH5
9TELKOMNET4
10HINET-NET4

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China96
2United States35
3France35
4South Korea24
5India22
6Germany20
7Brazil16
8Russian Federation12
9Italy10
10Viet Nam9

Suspected Bot List [2018-05-01]

detection period: 2018-05-01 00:00-23:59 UTC
number of suspected bots' IPs listed here: 22

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
VE190.202.116.101Venezuela

List from greylisting:

Tuesday, May 1, 2018

Botnet Statistics [2018-04-30]

detection period: 2018-04-30 00:00-23:59 UTC
total number of suspected botnet IPs: 333
number of botnet IPs notified to network operators: 304
number of spam blocked: 20728
recipient count of spam blocked: 381720

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1CMNET10
2TencentCloud9
3GO-DADDY-COM-LLC6
4ZZGIANT5
5KORNET-KR5
6CO-ACSA-LACNIC5
7CHINANET-ZJ5
8CHINANET-GD5
9CHINANET-SH4
10Bofinet-Wifi-FTTx4

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China77
2United States38
3France24
4Russian Federation15
5Brazil13
6Germany12
7Canada11
8South Korea10
9India9
10Taiwan8

Suspected Bot List [2018-04-30]

detection period: 2018-04-30 00:00-23:59 UTC
number of suspected bots' IPs listed here: 29

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
ET196.188.92.80Ethiopia
VE190.202.116.101Venezuela

List from greylisting: