total number of suspected botnet IPs: 32414
number of botnet IPs notified to network operators (best case, if all mail were sent out successfully): 30673
number of spam blocked: 0
recipient count of spam blocked: 0
The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:
| Rank | Network | # of suspected botnet IPs |
|---|---|---|
| 1 | HATHWAY-NET | 1696 |
| 2 | TencentCloud | 1281 |
| 3 | VNPT-VN | 1059 |
| 4 | HATHWAY-AP | 659 |
| 5 | Baidu | 651 |
| 6 | TENCENT-CN | 609 |
| 7 | DIGITALOCEAN-192-241-128-0 | 600 |
| 8 | VIETTEL-VN | 565 |
| 9 | HINET-NET | 487 |
| 10 | ALISOFT | 428 |
The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:
| Rank | Country/Region | # of suspected botnet IPs |
|---|---|---|
| 1 | China | 7343 |
| 2 | India | 4564 |
| 3 | United States | 3339 |
| 4 | Viet Nam | 2103 |
| 5 | Russian Federation | 1302 |
| 6 | Brazil | 1234 |
| 7 | Indonesia | 989 |
| 8 | France | 844 |
| 9 | Thailand | 650 |
| 10 | Taiwan | 629 |
The top 10 TCP ports, ordered by number of connection attempts received are:
| Rank | TCP port number | # of connection attempts received |
|---|---|---|
| 1 | 2375 | 499575 |
| 2 | 445 | 221136 |
| 3 | 6022 | 101280 |
| 4 | 8022 | 98347 |
| 5 | 3022 | 62517 |
| 6 | 23 | 61095 |
| 7 | 1433 | 52045 |
| 8 | 22 | 42667 |
| 9 | 322 | 41425 |
| 10 | 7822 | 36751 |
No comments:
Post a Comment