Friday, January 31, 2020

Botnet Statistics [2020-01-30]

detection period: 2020-01-30 00:00-23:59 UTC
total number of suspected botnet IPs: 28917
number of botnet IPs notified to network operators (best case, if all mail were sent out successfully): 27348
number of spam blocked: 0
recipient count of spam blocked: 0

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

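| Rank | Network | # of suspected botnet IPs |
| --- | --- | --- |
| 1 | TencentCloud | 899 |
| 2 | Baidu | 768 |
| 3 | VNPT-VN | 654 |
| 4 | TENCENT-CN | 588 |
| 5 | HINET-NET | 478 |
| 6 | TELKOMNET | 424 |
| 7 | VIETTEL-VN | 397 |
| 8 | ALISOFT | 392 |
| 9 | KORNET | 389 |
| 10 | CHINANET-JS | 324 |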

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

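| Rank | Country/Region | # of suspected botnet IPs |
| --- | --- | --- |
| 1 | China | 6354 |
| 2 | United States | 2760 |
| 3 | India | 1680 |
| 4 | Viet Nam | 1599 |
| 5 | Russian Federation | 1539 |
| 6 | Indonesia | 1174 |
| 7 | Brazil | 1082 |
| 8 | France | 1012 |
| 9 | Taiwan | 640 |
| 10 | South Korea | 633 |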

The top 10 TCP ports, ordered by number of connection attempts received are:

RankTCP port number# of connection attempts received
112755706
25150486538
3445148499
42220114084
5444474021
6220058296
722247744
82242302
9143330180
102330057

Suspected Bot List [2020-01-30]

detection period: 2020-01-30 00:00-23:59 UTC
number of suspected bots' IPs listed here: 1569

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

| country code | IP address | Country |
| --- | --- | --- |

List from greylisting:

| country code | IP address | Country |
| --- | --- | --- |

List from SSH probes:

| country code | IP address | Country |
| --- | --- | --- |

List from TCP port scans:

Thursday, January 30, 2020

Botnet Statistics [2020-01-29]

detection period: 2020-01-29 00:00-23:59 UTC
total number of suspected botnet IPs: 28119
number of botnet IPs notified to network operators (best case, if all mail were sent out successfully): 26461
number of spam blocked: 0
recipient count of spam blocked: 0

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

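| Rank | Network | # of suspected botnet IPs |
| --- | --- | --- |
| 1 | TencentCloud | 905 |
| 2 | Baidu | 777 |
| 3 | TENCENT-CN | 590 |
| 4 | ALISOFT | 474 |
| 5 | HINET-NET | 467 |
| 6 | TELKOMNET | 441 |
| 7 | VNPT-VN | 367 |
| 8 | KORNET | 346 |
| 9 | DO-13 | 320 |
| 10 | CHINANET-JS | 319 |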

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

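| Rank | Country/Region | # of suspected botnet IPs |
| --- | --- | --- |
| 1 | China | 6439 |
| 2 | United States | 2844 |
| 3 | India | 1629 |
| 4 | Russian Federation | 1450 |
| 5 | Indonesia | 1142 |
| 6 | Brazil | 1073 |
| 7 | France | 1026 |
| 8 | Viet Nam | 1013 |
| 9 | Taiwan | 623 |
| 10 | Thailand | 595 |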

The top 10 TCP ports, ordered by number of connection attempts received are:

RankTCP port number# of connection attempts received
111381231
22220110004
3503875944
444569074
5444455744
62246066
722244119
8338938324
92336062
10707031229

Suspected Bot List [2020-01-29]

detection period: 2020-01-29 00:00-23:59 UTC
number of suspected bots' IPs listed here: 1658

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

| country code | IP address | Country |
| --- | --- | --- |

List from greylisting:

| country code | IP address | Country |
| --- | --- | --- |

List from SSH probes:

| country code | IP address | Country |
| --- | --- | --- |

List from TCP port scans:

Wednesday, January 29, 2020

Botnet Statistics [2020-01-28]

detection period: 2020-01-28 00:00-23:59 UTC
total number of suspected botnet IPs: 28258
number of botnet IPs notified to network operators (best case, if all mail were sent out successfully): 26525
number of spam blocked: 0
recipient count of spam blocked: 0

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

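| Rank | Network | # of suspected botnet IPs |
| --- | --- | --- |
| 1 | TencentCloud | 917 |
| 2 | Baidu | 780 |
| 3 | TENCENT-CN | 598 |
| 4 | HINET-NET | 468 |
| 5 | TELKOMNET | 447 |
| 6 | ALISOFT | 380 |
| 7 | DO-13 | 355 |
| 8 | CHINANET-JS | 330 |
| 9 | KORNET | 303 |
| 10 | VNPT-VN | 302 |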

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

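| Rank | Country/Region | # of suspected botnet IPs |
| --- | --- | --- |
| 1 | China | 6416 |
| 2 | United States | 2998 |
| 3 | Russian Federation | 1527 |
| 4 | India | 1497 |
| 5 | Brazil | 1149 |
| 6 | Indonesia | 1122 |
| 7 | France | 1055 |
| 8 | Viet Nam | 906 |
| 9 | Taiwan | 653 |
| 10 | South Korea | 535 |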

The top 10 TCP ports, ordered by number of connection attempts received are:

RankTCP port number# of connection attempts received
12220135572
2444473003
344568676
4338947114
52343103
622242419
72240758
8102429787
9143327741
10330617592

Suspected Bot List [2020-01-28]

detection period: 2020-01-28 00:00-23:59 UTC
number of suspected bots' IPs listed here: 1733

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

| country code | IP address | Country |
| --- | --- | --- |

List from greylisting:

| country code | IP address | Country |
| --- | --- | --- |

List from SSH probes:

| country code | IP address | Country |
| --- | --- | --- |

List from TCP port scans:

Tuesday, January 28, 2020

Botnet Statistics [2020-01-27]

detection period: 2020-01-27 00:00-23:59 UTC
total number of suspected botnet IPs: 30063
number of botnet IPs notified to network operators (best case, if all mail were sent out successfully): 28314
number of spam blocked: 0
recipient count of spam blocked: 0

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

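| Rank | Network | # of suspected botnet IPs |
| --- | --- | --- |
| 1 | TencentCloud | 946 |
| 2 | Baidu | 783 |
| 3 | TENCENT-CN | 606 |
| 4 | TELKOMNET | 518 |
| 5 | HINET-NET | 514 |
| 6 | DO-13 | 435 |
| 7 | ALISOFT | 435 |
| 8 | KORNET | 373 |
| 9 | VNPT-VN | 339 |
| 10 | CHINANET-JS | 324 |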

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

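| Rank | Country/Region | # of suspected botnet IPs |
| --- | --- | --- |
| 1 | China | 6377 |
| 2 | United States | 3490 |
| 3 | India | 1722 |
| 4 | Russian Federation | 1570 |
| 5 | Indonesia | 1334 |
| 6 | Brazil | 1226 |
| 7 | France | 1160 |
| 8 | Viet Nam | 933 |
| 9 | Taiwan | 680 |
| 10 | Thailand | 627 |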

The top 10 TCP ports, ordered by number of connection attempts received are:

RankTCP port number# of connection attempts received
12220153556
2445108489
3338989515
4444483359
522245228
62241909
7143330340
82329076
92526472
10102424475

Suspected Bot List [2020-01-27]

detection period: 2020-01-27 00:00-23:59 UTC
number of suspected bots' IPs listed here: 1749

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

| country code | IP address | Country |
| --- | --- | --- |

List from greylisting:

| country code | IP address | Country |
| --- | --- | --- |

List from SSH probes:

| country code | IP address | Country |
| --- | --- | --- |

List from TCP port scans:

Monday, January 27, 2020

Botnet Statistics [2020-01-26]

detection period: 2020-01-26 00:00-23:59 UTC
total number of suspected botnet IPs: 28621
number of botnet IPs notified to network operators (best case, if all mail were sent out successfully): 26778
number of spam blocked: 0
recipient count of spam blocked: 0

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

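| Rank | Network | # of suspected botnet IPs |
| --- | --- | --- |
| 1 | TencentCloud | 969 |
| 2 | Baidu | 824 |
| 3 | TENCENT-CN | 654 |
| 4 | KORNET | 555 |
| 5 | HINET-NET | 488 |
| 6 | ALISOFT | 469 |
| 7 | DO-13 | 456 |
| 8 | CHINANET-JS | 338 |
| 9 | VNPT-VN | 333 |
| 10 | AT-88-Z | 316 |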

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

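| Rank | Country/Region | # of suspected botnet IPs |
| --- | --- | --- |
| 1 | China | 6678 |
| 2 | United States | 3513 |
| 3 | Russian Federation | 1490 |
| 4 | France | 1174 |
| 5 | India | 1030 |
| 6 | Viet Nam | 967 |
| 7 | Indonesia | 881 |
| 8 | Brazil | 877 |
| 9 | South Korea | 810 |
| 10 | Taiwan | 655 |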

The top 10 TCP ports, ordered by number of connection attempts received are:

RankTCP port number# of connection attempts received
1338980453
244576685
3444473396
4503869997
52261765
622254622
7143334616
82331345
9590128363
10590025889

Suspected Bot List [2020-01-26]

detection period: 2020-01-26 00:00-23:59 UTC
number of suspected bots' IPs listed here: 1843

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

| country code | IP address | Country |
| --- | --- | --- |

List from greylisting:

| country code | IP address | Country |
| --- | --- | --- |

List from SSH probes:

| country code | IP address | Country |
| --- | --- | --- |

List from TCP port scans:

Sunday, January 26, 2020

Botnet Statistics [2020-01-25]

detection period: 2020-01-25 00:00-23:59 UTC
total number of suspected botnet IPs: 25496
number of botnet IPs notified to network operators (best case, if all mail were sent out successfully): 23863
number of spam blocked: 0
recipient count of spam blocked: 0

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

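| Rank | Network | # of suspected botnet IPs |
| --- | --- | --- |
| 1 | TencentCloud | 892 |
| 2 | Baidu | 782 |
| 3 | TENCENT-CN | 624 |
| 4 | HINET-NET | 486 |
| 5 | DO-13 | 384 |
| 6 | ALISOFT | 382 |
| 7 | CHINANET-JS | 339 |
| 8 | KORNET | 301 |
| 9 | CMNET | 280 |
| 10 | CHINANET-GD | 277 |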

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

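| Rank | Country/Region | # of suspected botnet IPs |
| --- | --- | --- |
| 1 | China | 6303 |
| 2 | United States | 2974 |
| 3 | India | 1383 |
| 4 | Russian Federation | 1332 |
| 5 | France | 952 |
| 6 | Viet Nam | 857 |
| 7 | Brazil | 783 |
| 8 | Indonesia | 696 |
| 9 | Taiwan | 620 |
| 10 | South Korea | 510 |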

The top 10 TCP ports, ordered by number of connection attempts received are:

RankTCP port number# of connection attempts received
1503869731
22264972
3338960078
422256975
544540000
6444438827
7143333592
82332587
9590128041
10102427615

Suspected Bot List [2020-01-25]

detection period: 2020-01-25 00:00-23:59 UTC
number of suspected bots' IPs listed here: 1633

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

| country code | IP address | Country |
| --- | --- | --- |

List from greylisting:

| country code | IP address | Country |
| --- | --- | --- |

List from SSH probes:

| country code | IP address | Country |
| --- | --- | --- |

List from TCP port scans:

Saturday, January 25, 2020

Botnet Statistics [2020-01-24]

detection period: 2020-01-24 00:00-23:59 UTC
total number of suspected botnet IPs: 25956
number of botnet IPs notified to network operators (best case, if all mail were sent out successfully): 24424
number of spam blocked: 0
recipient count of spam blocked: 0

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

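| Rank | Network | # of suspected botnet IPs |
| --- | --- | --- |
| 1 | TencentCloud | 913 |
| 2 | ALISOFT | 793 |
| 3 | Baidu | 784 |
| 4 | TENCENT-CN | 635 |
| 5 | HINET-NET | 391 |
| 6 | DO-13 | 377 |
| 7 | TELKOMNET | 341 |
| 8 | KORNET | 323 |
| 9 | CHINANET-JS | 302 |
| 10 | CHINANET-GD | 286 |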

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

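| Rank | Country/Region | # of suspected botnet IPs |
| --- | --- | --- |
| 1 | China | 6705 |
| 2 | United States | 3054 |
| 3 | India | 1357 |
| 4 | Russian Federation | 1181 |
| 5 | France | 924 |
| 6 | Indonesia | 910 |
| 7 | Viet Nam | 811 |
| 8 | Brazil | 694 |
| 9 | South Korea | 543 |
| 10 | Taiwan | 522 |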

The top 10 TCP ports, ordered by number of connection attempts received are:

RankTCP port number# of connection attempts received
1445107442
22258488
31302248027
422247190
5338946815
6102432921
7143330784
8266228246
9590128183
10590027611

Suspected Bot List [2020-01-24]

detection period: 2020-01-24 00:00-23:59 UTC
number of suspected bots' IPs listed here: 1532

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

| country code | IP address | Country |
| --- | --- | --- |

List from greylisting:

| country code | IP address | Country |
| --- | --- | --- |

List from SSH probes:

| country code | IP address | Country |
| --- | --- | --- |

List from TCP port scans:

Friday, January 24, 2020

Botnet Statistics [2020-01-23]

detection period: 2020-01-23 00:00-23:59 UTC
total number of suspected botnet IPs: 26423
number of botnet IPs notified to network operators (best case, if all mail were sent out successfully): 24973
number of spam blocked: 0
recipient count of spam blocked: 0

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

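| Rank | Network | # of suspected botnet IPs |
| --- | --- | --- |
| 1 | TencentCloud | 945 |
| 2 | Baidu | 772 |
| 3 | ALISOFT | 682 |
| 4 | TENCENT-CN | 650 |
| 5 | DO-13 | 397 |
| 6 | HINET-NET | 382 |
| 7 | CHINANET-JS | 330 |
| 8 | KORNET | 328 |
| 9 | TELKOMNET | 300 |
| 10 | CMNET | 300 |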

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

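| Rank | Country/Region | # of suspected botnet IPs |
| --- | --- | --- |
| 1 | China | 6681 |
| 2 | United States | 3046 |
| 3 | India | 1344 |
| 4 | Russian Federation | 1228 |
| 5 | France | 946 |
| 6 | Brazil | 942 |
| 7 | Indonesia | 884 |
| 8 | Viet Nam | 842 |
| 9 | South Korea | 556 |
| 10 | Taiwan | 521 |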

The top 10 TCP ports, ordered by number of connection attempts received are:

RankTCP port number# of connection attempts received
12281495
244550764
3338941086
422237352
5143337124
63802233343
7590028962
82328707
9590128414
101302227930

Suspected Bot List [2020-01-23]

detection period: 2020-01-23 00:00-23:59 UTC
number of suspected bots' IPs listed here: 1450

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

| country code | IP address | Country |
| --- | --- | --- |

List from greylisting:

| country code | IP address | Country |
| --- | --- | --- |

List from SSH probes:

| country code | IP address | Country |
| --- | --- | --- |

List from TCP port scans:

Thursday, January 23, 2020

Botnet Statistics [2020-01-22]

detection period: 2020-01-22 00:00-23:59 UTC
total number of suspected botnet IPs: 26448
number of botnet IPs notified to network operators (best case, if all mail were sent out successfully): 24913
number of spam blocked: 0
recipient count of spam blocked: 0

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

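| Rank | Network | # of suspected botnet IPs |
| --- | --- | --- |
| 1 | TencentCloud | 938 |
| 2 | Baidu | 771 |
| 3 | TENCENT-CN | 647 |
| 4 | ALISOFT | 508 |
| 5 | HINET-NET | 387 |
| 6 | DO-13 | 379 |
| 7 | VNPT-VN | 343 |
| 8 | CHINANET-JS | 342 |
| 9 | KORNET | 314 |
| 10 | CMNET | 296 |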

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

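| Rank | Country/Region | # of suspected botnet IPs |
| --- | --- | --- |
| 1 | China | 6502 |
| 2 | United States | 3054 |
| 3 | India | 1310 |
| 4 | Russian Federation | 1211 |
| 5 | France | 960 |
| 6 | Viet Nam | 944 |
| 7 | Brazil | 893 |
| 8 | Indonesia | 863 |
| 9 | South Korea | 547 |
| 10 | Taiwan | 535 |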

The top 10 TCP ports, ordered by number of connection attempts received are:

RankTCP port number# of connection attempts received
12288162
2502268815
344559841
4338940437
522239737
6143336678
7812235716
8590128496
92328143
10590026895

Suspected Bot List [2020-01-22]

detection period: 2020-01-22 00:00-23:59 UTC
number of suspected bots' IPs listed here: 1535

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

| country code | IP address | Country |
| --- | --- | --- |

List from greylisting:

| country code | IP address | Country |
| --- | --- | --- |

List from SSH probes:

| country code | IP address | Country |
| --- | --- | --- |

List from TCP port scans:

Wednesday, January 22, 2020

Botnet Statistics [2020-01-21]

detection period: 2020-01-21 00:00-23:59 UTC
total number of suspected botnet IPs: 27249
number of botnet IPs notified to network operators (best case, if all mail were sent out successfully): 25764
number of spam blocked: 0
recipient count of spam blocked: 0

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

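| Rank | Network | # of suspected botnet IPs |
| --- | --- | --- |
| 1 | TencentCloud | 925 |
| 2 | Baidu | 763 |
| 3 | TENCENT-CN | 636 |
| 4 | VNPT-VN | 536 |
| 5 | ALISOFT | 477 |
| 6 | HINET-NET | 397 |
| 7 | DO-13 | 373 |
| 8 | KORNET | 363 |
| 9 | TELKOMNET | 357 |
| 10 | CHINANET-JS | 332 |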

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

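| Rank | Country/Region | # of suspected botnet IPs |
| --- | --- | --- |
| 1 | China | 6621 |
| 2 | United States | 2975 |
| 3 | India | 1451 |
| 4 | Viet Nam | 1323 |
| 5 | Russian Federation | 1256 |
| 6 | Indonesia | 1021 |
| 7 | France | 962 |
| 8 | Brazil | 882 |
| 9 | South Korea | 589 |
| 10 | Taiwan | 541 |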

The top 10 TCP ports, ordered by number of connection attempts received are:

RankTCP port number# of connection attempts received
144572937
22264914
399963239
4812261027
522240951
6502233893
7338931020
8143330907
9590128307
102328202

Suspected Bot List [2020-01-21]

detection period: 2020-01-21 00:00-23:59 UTC
number of suspected bots' IPs listed here: 1485

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

| country code | IP address | Country |
| --- | --- | --- |

List from greylisting:

| country code | IP address | Country |
| --- | --- | --- |

List from SSH probes:

| country code | IP address | Country |
| --- | --- | --- |

List from TCP port scans:

Tuesday, January 21, 2020

Botnet Statistics [2020-01-20]

detection period: 2020-01-20 00:00-23:59 UTC
total number of suspected botnet IPs: 27019
number of botnet IPs notified to network operators (best case, if all mail were sent out successfully): 25563
number of spam blocked: 0
recipient count of spam blocked: 0

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

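| Rank | Network | # of suspected botnet IPs |
| --- | --- | --- |
| 1 | TencentCloud | 908 |
| 2 | Baidu | 737 |
| 3 | VNPT-VN | 696 |
| 4 | TENCENT-CN | 634 |
| 5 | HINET-NET | 391 |
| 6 | KORNET | 367 |
| 7 | VIETTEL-VN | 366 |
| 8 | TELKOMNET | 363 |
| 9 | ALISOFT | 356 |
| 10 | DO-13 | 347 |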

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

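| Rank | Country/Region | # of suspected botnet IPs |
| --- | --- | --- |
| 1 | China | 6301 |
| 2 | United States | 2908 |
| 3 | Viet Nam | 1516 |
| 4 | India | 1366 |
| 5 | Russian Federation | 1300 |
| 6 | Indonesia | 1049 |
| 7 | France | 965 |
| 8 | Brazil | 882 |
| 9 | South Korea | 593 |
| 10 | Thailand | 546 |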

The top 10 TCP ports, ordered by number of connection attempts received are:

RankTCP port number# of connection attempts received
144577191
22275766
399963012
4812260990
522242669
62331343
7143330611
8338929352
9590128022
10590026736

Suspected Bot List [2020-01-20]

detection period: 2020-01-20 00:00-23:59 UTC
number of suspected bots' IPs listed here: 1456

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

| country code | IP address | Country |
| --- | --- | --- |

List from greylisting:

| country code | IP address | Country |
| --- | --- | --- |

List from SSH probes:

| country code | IP address | Country |
| --- | --- | --- |

List from TCP port scans:

Monday, January 20, 2020

Botnet Statistics [2020-01-19]

detection period: 2020-01-19 00:00-23:59 UTC
total number of suspected botnet IPs: 26145
number of botnet IPs notified to network operators (best case, if all mail were sent out successfully): 24855
number of spam blocked: 0
recipient count of spam blocked: 0

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

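| Rank | Network | # of suspected botnet IPs |
| --- | --- | --- |
| 1 | TencentCloud | 934 |
| 2 | Baidu | 765 |
| 3 | TENCENT-CN | 667 |
| 4 | KORNET | 523 |
| 5 | HINET-NET | 471 |
| 6 | VNPT-VN | 414 |
| 7 | ALISOFT | 389 |
| 8 | CHINANET-JS | 374 |
| 9 | DO-13 | 349 |
| 10 | CMNET | 288 |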

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

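| Rank | Country/Region | # of suspected botnet IPs |
| --- | --- | --- |
| 1 | China | 6427 |
| 2 | United States | 3053 |
| 3 | Russian Federation | 1220 |
| 4 | Viet Nam | 1085 |
| 5 | France | 1066 |
| 6 | India | 900 |
| 7 | Brazil | 877 |
| 8 | South Korea | 765 |
| 9 | Indonesia | 687 |
| 10 | Taiwan | 644 |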

The top 10 TCP ports, ordered by number of connection attempts received are:

RankTCP port number# of connection attempts received
15038216600
244599504
32280039
499963614
522250233
6812238103
72335065
8338934997
9590128094
10143326695

Suspected Bot List [2020-01-19]

detection period: 2020-01-19 00:00-23:59 UTC
number of suspected bots' IPs listed here: 1290

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

| country code | IP address | Country |
| --- | --- | --- |

List from greylisting:

| country code | IP address | Country |
| --- | --- | --- |

List from SSH probes:

| country code | IP address | Country |
| --- | --- | --- |

List from TCP port scans:

Sunday, January 19, 2020

Botnet Statistics [2020-01-18]

detection period: 2020-01-18 00:00-23:59 UTC
total number of suspected botnet IPs: 25326
number of botnet IPs notified to network operators (best case, if all mail were sent out successfully): 23953
number of spam blocked: 0
recipient count of spam blocked: 0

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

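| Rank | Network | # of suspected botnet IPs |
| --- | --- | --- |
| 1 | TencentCloud | 855 |
| 2 | Baidu | 698 |
| 3 | TENCENT-CN | 616 |
| 4 | VNPT-VN | 473 |
| 5 | HINET-NET | 444 |
| 6 | ALISOFT | 416 |
| 7 | CHINANET-JS | 328 |
| 8 | DO-13 | 324 |
| 9 | TELKOMNET | 313 |
| 10 | KORNET | 309 |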

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

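| Rank | Country/Region | # of suspected botnet IPs |
| --- | --- | --- |
| 1 | China | 6059 |
| 2 | United States | 2760 |
| 3 | India | 1264 |
| 4 | Viet Nam | 1247 |
| 5 | Russian Federation | 1199 |
| 6 | France | 932 |
| 7 | Brazil | 805 |
| 8 | Indonesia | 804 |
| 9 | Taiwan | 604 |
| 10 | South Korea | 554 |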

The top 10 TCP ports, ordered by number of connection attempts received are:

RankTCP port number# of connection attempts received
15038253343
22277193
399963008
444554522
52344098
622238703
7338934417
8143329864
9590128141
10590026650

Suspected Bot List [2020-01-18]

detection period: 2020-01-18 00:00-23:59 UTC
number of suspected bots' IPs listed here: 1373

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

| country code | IP address | Country |
| --- | --- | --- |

List from greylisting:

| country code | IP address | Country |
| --- | --- | --- |

List from SSH probes:

| country code | IP address | Country |
| --- | --- | --- |

List from TCP port scans:

Saturday, January 18, 2020

Botnet Statistics [2020-01-17]

detection period: 2020-01-17 00:00-23:59 UTC
total number of suspected botnet IPs: 26566
number of botnet IPs notified to network operators (best case, if all mail were sent out successfully): 25150
number of spam blocked: 0
recipient count of spam blocked: 0

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

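| Rank | Network | # of suspected botnet IPs |
| --- | --- | --- |
| 1 | TencentCloud | 884 |
| 2 | Baidu | 690 |
| 3 | VNPT-VN | 681 |
| 4 | TENCENT-CN | 622 |
| 5 | HINET-NET | 431 |
| 6 | VIETTEL-VN | 415 |
| 7 | ALISOFT | 395 |
| 8 | CHINANET-JS | 343 |
| 9 | KORNET | 321 |
| 10 | TELKOMNET | 317 |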

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

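| Rank | Country/Region | # of suspected botnet IPs |
| --- | --- | --- |
| 1 | China | 6117 |
| 2 | United States | 2760 |
| 3 | Viet Nam | 1635 |
| 4 | Russian Federation | 1355 |
| 5 | India | 1289 |
| 6 | Brazil | 937 |
| 7 | France | 930 |
| 8 | Indonesia | 887 |
| 9 | Taiwan | 581 |
| 10 | South Korea | 539 |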

The top 10 TCP ports, ordered by number of connection attempts received are:

RankTCP port number# of connection attempts received
1999298209
25038161991
322109049
4102463111
544557443
6338934530
7143330990
82329103
9590128215
10590027425

Suspected Bot List [2020-01-17]

detection period: 2020-01-17 00:00-23:59 UTC
number of suspected bots' IPs listed here: 1416

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

| country code | IP address | Country |
| --- | --- | --- |

List from greylisting:

| country code | IP address | Country |
| --- | --- | --- |

List from SSH probes:

| country code | IP address | Country |
| --- | --- | --- |

List from TCP port scans:

Friday, January 17, 2020

Botnet Statistics [2020-01-16]

detection period: 2020-01-16 00:00-23:59 UTC
total number of suspected botnet IPs: 27238
number of botnet IPs notified to network operators (best case, if all mail were sent out successfully): 25757
number of spam blocked: 0
recipient count of spam blocked: 0

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

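| Rank | Network | # of suspected botnet IPs |
| --- | --- | --- |
| 1 | TencentCloud | 901 |
| 2 | VNPT-VN | 729 |
| 3 | Baidu | 698 |
| 4 | TENCENT-CN | 623 |
| 5 | HINET-NET | 440 |
| 6 | VIETTEL-VN | 407 |
| 7 | TELKOMNET | 393 |
| 8 | ALISOFT | 351 |
| 9 | KORNET | 328 |
| 10 | CHINANET-JS | 325 |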

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

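| Rank | Country/Region | # of suspected botnet IPs |
| --- | --- | --- |
| 1 | China | 6144 |
| 2 | United States | 2820 |
| 3 | Viet Nam | 1693 |
| 4 | Russian Federation | 1336 |
| 5 | India | 1323 |
| 6 | Indonesia | 1014 |
| 7 | Brazil | 1003 |
| 8 | France | 903 |
| 9 | Taiwan | 608 |
| 10 | South Korea | 548 |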

The top 10 TCP ports, ordered by number of connection attempts received are:

RankTCP port number# of connection attempts received
1999571883
21024263091
344587783
42275138
5224258413
6143337630
7338931910
82329449
9590128105
10503827222

Suspected Bot List [2020-01-16]

detection period: 2020-01-16 00:00-23:59 UTC
number of suspected bots' IPs listed here: 1481

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

| country code | IP address | Country |
| --- | --- | --- |

List from greylisting:

| country code | IP address | Country |
| --- | --- | --- |

List from SSH probes:

| country code | IP address | Country |
| --- | --- | --- |

List from TCP port scans:

Thursday, January 16, 2020

Botnet Statistics [2020-01-15]

detection period: 2020-01-15 00:00-23:59 UTC
total number of suspected botnet IPs: 27382
number of botnet IPs notified to network operators (best case, if all mail were sent out successfully): 25709
number of spam blocked: 0
recipient count of spam blocked: 0

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

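| Rank | Network | # of suspected botnet IPs |
| --- | --- | --- |
| 1 | TencentCloud | 898 |
| 2 | VNPT-VN | 705 |
| 3 | Baidu | 691 |
| 4 | TENCENT-CN | 607 |
| 5 | HINET-NET | 433 |
| 6 | VIETTEL-VN | 423 |
| 7 | TELKOMNET | 390 |
| 8 | DO-13 | 363 |
| 9 | KORNET | 330 |
| 10 | CHINANET-JS | 318 |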

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

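| Rank | Country/Region | # of suspected botnet IPs |
| --- | --- | --- |
| 1 | China | 6105 |
| 2 | United States | 2878 |
| 3 | Viet Nam | 1709 |
| 4 | Russian Federation | 1310 |
| 5 | India | 1166 |
| 6 | Indonesia | 1040 |
| 7 | France | 933 |
| 8 | Brazil | 903 |
| 9 | Taiwan | 572 |
| 10 | South Korea | 558 |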

The top 10 TCP ports, ordered by number of connection attempts received are:

RankTCP port number# of connection attempts received
1999366180
21024275128
35038243336
444582605
52267511
6224262297
7800036602
8226233823
9143332989
102331065

Suspected Bot List [2020-01-15]

detection period: 2020-01-15 00:00-23:59 UTC
number of suspected bots' IPs listed here: 1673

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

| country code | IP address | Country |
| --- | --- | --- |

List from greylisting:

| country code | IP address | Country |
| --- | --- | --- |

List from SSH probes:

| country code | IP address | Country |
| --- | --- | --- |

List from TCP port scans:

Wednesday, January 15, 2020

Botnet Statistics [2020-01-14]

detection period: 2020-01-14 00:00-23:59 UTC
total number of suspected botnet IPs: 27579
number of botnet IPs notified to network operators (best case, if all mail were sent out successfully): 25911
number of spam blocked: 0
recipient count of spam blocked: 0

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

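| Rank | Network | # of suspected botnet IPs |
| --- | --- | --- |
| 1 | TencentCloud | 891 |
| 2 | Baidu | 691 |
| 3 | VNPT-VN | 682 |
| 4 | TENCENT-CN | 605 |
| 5 | VIETTEL-VN | 456 |
| 6 | HINET-NET | 442 |
| 7 | DO-13 | 397 |
| 8 | TELKOMNET | 396 |
| 9 | KORNET | 344 |
| 10 | CHINANET-JS | 331 |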

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

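| Rank | Country/Region | # of suspected botnet IPs |
| --- | --- | --- |
| 1 | China | 6145 |
| 2 | United States | 3054 |
| 3 | Viet Nam | 1663 |
| 4 | Russian Federation | 1318 |
| 5 | India | 1292 |
| 6 | Indonesia | 1033 |
| 7 | France | 958 |
| 8 | Brazil | 907 |
| 9 | Taiwan | 587 |
| 10 | South Korea | 569 |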

The top 10 TCP ports, ordered by number of connection attempts received are:

RankTCP port number# of connection attempts received
1999328994
21024271099
322179810
444569580
5338969554
6225249448
7224247478
8143333656
92329529
10590023316

Suspected Bot List [2020-01-14]

detection period: 2020-01-14 00:00-23:59 UTC
number of suspected bots' IPs listed here: 1668

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

| country code | IP address | Country |
| --- | --- | --- |

List from greylisting:

| country code | IP address | Country |
| --- | --- | --- |

List from SSH probes:

| country code | IP address | Country |
| --- | --- | --- |

List from TCP port scans:

Tuesday, January 14, 2020

Botnet Statistics [2020-01-13]

detection period: 2020-01-13 00:00-23:59 UTC
total number of suspected botnet IPs: 28843
number of botnet IPs notified to network operators (best case, if all mail were sent out successfully): 27180
number of spam blocked: 0
recipient count of spam blocked: 0

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

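| Rank | Network | # of suspected botnet IPs |
| --- | --- | --- |
| 1 | TencentCloud | 908 |
| 2 | VNPT-VN | 786 |
| 3 | Baidu | 690 |
| 4 | TENCENT-CN | 621 |
| 5 | HINET-NET | 467 |
| 6 | VIETTEL-VN | 461 |
| 7 | TELKOMNET | 403 |
| 8 | KORNET | 391 |
| 9 | ALISOFT | 379 |
| 10 | DO-13 | 352 |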

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

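| Rank | Country/Region | # of suspected botnet IPs |
| --- | --- | --- |
| 1 | China | 6196 |
| 2 | United States | 3128 |
| 3 | Viet Nam | 1810 |
| 4 | India | 1471 |
| 5 | Russian Federation | 1460 |
| 6 | Indonesia | 1105 |
| 7 | France | 983 |
| 8 | Brazil | 978 |
| 9 | Taiwan | 642 |
| 10 | South Korea | 638 |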

The top 10 TCP ports, ordered by number of connection attempts received are:

RankTCP port number# of connection attempts received
133893187300
26663150678
390003148682
4338903147170
510223144516
650003142009
722462163
81024269545
9999249853
1044572383

Suspected Bot List [2020-01-13]

detection period: 2020-01-13 00:00-23:59 UTC
number of suspected bots' IPs listed here: 1663

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

| country code | IP address | Country |
| --- | --- | --- |

List from greylisting:

| country code | IP address | Country |
| --- | --- | --- |

List from SSH probes:

| country code | IP address | Country |
| --- | --- | --- |

List from TCP port scans:

Monday, January 13, 2020

Botnet Statistics [2020-01-12]

detection period: 2020-01-12 00:00-23:59 UTC
total number of suspected botnet IPs: 25563
number of botnet IPs notified to network operators (best case, if all mail were sent out successfully): 24117
number of spam blocked: 0
recipient count of spam blocked: 0

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

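| Rank | Network | # of suspected botnet IPs |
| --- | --- | --- |
| 1 | TencentCloud | 892 |
| 2 | Baidu | 668 |
| 3 | TENCENT-CN | 623 |
| 4 | KORNET | 502 |
| 5 | VNPT-VN | 488 |
| 6 | HINET-NET | 451 |
| 7 | ALISOFT | 396 |
| 8 | VIETTEL-VN | 330 |
| 9 | CHINANET-JS | 322 |
| 10 | DO-13 | 320 |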

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

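| Rank | Country/Region | # of suspected botnet IPs |
| --- | --- | --- |
| 1 | China | 5912 |
| 2 | United States | 3046 |
| 3 | Russian Federation | 1297 |
| 4 | Viet Nam | 1289 |
| 5 | France | 1011 |
| 6 | India | 952 |
| 7 | Brazil | 835 |
| 8 | Indonesia | 721 |
| 9 | South Korea | 717 |
| 10 | Taiwan | 627 |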

The top 10 TCP ports, ordered by number of connection attempts received are:

RankTCP port number# of connection attempts received
11024274653
2999237685
32259584
4802241427
544536417
6700035594
7707032120
8143327699
9590026419
10741022356

Suspected Bot List [2020-01-12]

detection period: 2020-01-12 00:00-23:59 UTC
number of suspected bots' IPs listed here: 1446

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country code  IP address  Country

List from greylisting:

country code  IP address  Country

List from SSH probes:

country code  IP address  Country

List from TCP port scans:

Sunday, January 12, 2020

Botnet Statistics [2020-01-11]

detection period: 2020-01-11 00:00-23:59 UTC
total number of suspected botnet IPs: 24374
number of botnet IPs notified to network operators (best case, if all mail were sent out successfully): 23049
number of spam blocked: 0
recipient count of spam blocked: 0

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

Rank  Network       # of suspected botnet IPs
1     TencentCloud  801
2     VNPT-VN       616
3     Baidu         584
4     TENCENT-CN    569
5     VIETTEL-VN    397
6     HINET-NET     396
7     ALISOFT       376
8     TELKOMNET     338
9     KORNET        312
10    CHINANET-JS   297

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

Rank  Country/Region      # of suspected botnet IPs
1     China               5473
2     United States       2741
3     Viet Nam            1472
4     India               1313
5     Russian Federation  1170
6     France              930
7     Indonesia           876
8     Brazil              788
9     Taiwan              534
10    South Korea         517

The top 10 TCP ports, ordered by number of connection attempts received are:

RankTCP port number# of connection attempts received
150387301701
2999308518
31024259218
444576960
5700044984
62241660
7220935264
8143331512
9741029529
10590026295

Suspected Bot List [2020-01-11]

detection period: 2020-01-11 00:00-23:59 UTC
number of suspected bots' IPs listed here: 1325

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country code  IP address  Country

List from greylisting:

country code  IP address  Country

List from SSH probes:

country code  IP address  Country

List from TCP port scans:

Saturday, January 11, 2020

Botnet Statistics [2020-01-10]

detection period: 2020-01-10 00:00-23:59 UTC
total number of suspected botnet IPs: 26399
number of botnet IPs notified to network operators (best case, if all mail were sent out successfully): 25027
number of spam blocked: 0
recipient count of spam blocked: 0

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

Rank  Network       # of suspected botnet IPs
1     VNPT-VN       802
2     TencentCloud  785
3     Baidu         586
4     TENCENT-CN    577
5     VIETTEL-VN    488
6     HINET-NET     453
7     KORNET        447
8     TELKOMNET     409
9     ALISOFT       351
10    CHINANET-JS   311

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

Rank  Country/Region      # of suspected botnet IPs
1     China               5549
2     United States       2822
3     Viet Nam            1856
4     India               1570
5     Russian Federation  1387
6     Indonesia           1050
7     Brazil              929
8     France              900
9     South Korea         675
10    Taiwan              598

The top 10 TCP ports, ordered by number of connection attempts received are:

RankTCP port number# of connection attempts received
1999308616
244560579
3221045148
42239951
5220835457
6143331515
7220528977
8338928846
9590026275
10221224703

Suspected Bot List [2020-01-10]

detection period: 2020-01-10 00:00-23:59 UTC
number of suspected bots' IPs listed here: 1372

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country code  IP address  Country

List from greylisting:

country code  IP address  Country

List from SSH probes:

country code  IP address  Country

List from TCP port scans:

Friday, January 10, 2020

Botnet Statistics [2020-01-09]

detection period: 2020-01-09 00:00-23:59 UTC
total number of suspected botnet IPs: 26681
number of botnet IPs notified to network operators (best case, if all mail were sent out successfully): 25111
number of spam blocked: 0
recipient count of spam blocked: 0

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

Rank  Network       # of suspected botnet IPs
1     TencentCloud  810
2     VNPT-VN       775
3     Baidu         611
4     TENCENT-CN    585
5     VIETTEL-VN    482
6     KORNET        469
7     HINET-NET     423
8     TELKOMNET     407
9     ALISOFT       385
10    CHINANET-JS   300

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

Rank  Country/Region      # of suspected botnet IPs
1     China               5810
2     United States       2474
3     Viet Nam            1835
4     India               1540
5     Russian Federation  1342
6     Indonesia           1043
7     France              950
8     Brazil              916
9     South Korea         685
10    Taiwan              578

The top 10 TCP ports, ordered by number of connection attempts received are:

RankTCP port number# of connection attempts received
1999115877
2221068293
344557416
42236509
5220736203
6143333306
7220531392
8338930345
9258026281
10590026268

Suspected Bot List [2020-01-09]

detection period: 2020-01-09 00:00-23:59 UTC
number of suspected bots' IPs listed here: 1570

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country code  IP address  Country

List from greylisting:

country code  IP address  Country

List from SSH probes:

country code  IP address  Country

List from TCP port scans:

Thursday, January 9, 2020

Botnet Statistics [2020-01-08]

detection period: 2020-01-08 00:00-23:59 UTC
total number of suspected botnet IPs: 26646
number of botnet IPs notified to network operators (best case, if all mail were sent out successfully): 25126
number of spam blocked: 0
recipient count of spam blocked: 0

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

Rank  Network       # of suspected botnet IPs
1     TencentCloud  825
2     VNPT-VN       700
3     Baidu         636
4     KORNET        617
5     TENCENT-CN    603
6     HINET-NET     484
7     VIETTEL-VN    453
8     TELKOMNET     411
9     ALISOFT       386
10    CMNET         289

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

Rank  Country/Region      # of suspected botnet IPs
1     China               5726
2     United States       2567
3     Viet Nam            1696
4     India               1502
5     Russian Federation  1157
6     Indonesia           1041
7     France              995
8     Brazil              944
9     South Korea         857
10    Taiwan              653

The top 10 TCP ports, ordered by number of connection attempts received are:

RankTCP port number# of connection attempts received
150381002219
25000370184
37070299034
4221066212
599959326
644551553
7800037506
8220536853
92236788
10338931091