
Friday, January 2, 2026

Botnet Statistics [2026-01-01]

(To download the latest zombie IP list, please visit the Daily Zombie IP Lists for December 2025.)
detection period: 2026-01-01 00:00-23:59 UTC
total number of suspected botnet IPs: 22584
number of botnet IPs notified to network operators (best case, if all mail were sent out successfully): 21445
number of spam blocked: 0
recipient count of spam blocked: 0

The top 10 networks (as found in WHOIS), ordered by the number of suspected botnet IPs are:

Rank  Network             # of suspected botnet IPs
1     MSFT                1345
2     GOOGLE-CLOUD        1004
3     PAN-22              949
4     AL-3                903
5     BYTEPLUS-SG         878
6     ASEPL-SG            528
7     VOLCANO-ENGINE      503
8     FR-ONYPHE-20191111  415
9     ALISOFT             400
10    CENSY               379


The top 10 countries (as defined by the 2-character country code), ordered by the number of suspected botnet IPs are:

Rank  Country/Region      # of suspected botnet IPs
1     United States       7754
2     China               7176
3     Singapore           1594
4     France              551
5     Hong Kong           399
6     United Kingdom      316
7     Germany             313
8     Netherlands         296
9     Indonesia           287
10    European Union      271

The top 10 TCP ports, ordered by the number of connection attempts received are:

Daily Zombie Lists for January 2026

To facilitate security research, I will release the daily zombie IP lists in CSV format here for anyone interested to download. The data columns are defined as follows:

Column 1: The date and time in UTC when the last connection attempt (port scans) from the zombie IP (column 2) was detected;
Column 2: Zombie IP;
Column 3: TCP destination port number scanned by the zombie.

Join the "Suspected Zombie IP List" Telegram channel to get notified when the latest data are ready for download.

Here are the download links of the daily zombie IP lists for January 2026 (without excluding IP addresses of TOR exits and so-called security researchers' nodes):

01/01: download link; MD5sum: 17a23fe51f25fd701e4541169783d008
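For anyone consuming these lists, here is one way to check a download against its published MD5sum and parse the three columns defensively. This is an added example, not code from this blog; the timestamp format, the sample rows and the exclusion range are assumptions constructed for illustration.

```python
import csv, hashlib, hmac, io, ipaddress
from collections import Counter

# Constructed sample in the three-column layout (last-seen UTC time, IP, TCP port).
# The timestamp format is an assumption; addresses are RFC 5737 documentation ranges.
SAMPLE = b"""2026-01-01 00:03:11,192.0.2.10,5900
2026-01-01 04:17:52,198.51.100.7,22
2026-01-01 09:40:05,203.0.113.25,5900
2026-01-01 12:00:00,203.0.113.99,2255
not-a-row
2026-01-01 23:59:01,192.0.2.300,22
2026-01-01 23:59:30,198.51.100.8,70000
"""

def verify_md5(data, published_hex):
    """Check the download against the published MD5sum (catches corruption or
    truncation only; MD5 gives no protection against deliberate tampering)."""
    return hmac.compare_digest(hashlib.md5(data).hexdigest(), published_hex.strip().lower())

def parse_rows(data, exclude=()):
    """Return (rows, rejected, excluded). Malformed lines are counted, not trusted.
    `exclude` is an optional list of CIDRs (e.g. known research scanners or TOR
    exits, which the published lists do not filter out)."""
    nets = [ipaddress.ip_network(n) for n in exclude]
    rows, rejected, excluded = [], 0, 0
    for rec in csv.reader(io.StringIO(data.decode("utf-8", "replace"))):
        try:
            ts, ip, port = (f.strip() for f in rec)
            ip, port = ipaddress.ip_address(ip), int(port)
            if not 0 < port < 65536:
                raise ValueError("port out of range")
        except ValueError:
            rejected += 1
            continue
        if any(ip in n for n in nets):
            excluded += 1
            continue
        rows.append((ts, ip, port))
    return rows, rejected, excluded

def summarize(rows, top=10):
    """Unique source IPs and IPs-per-port. This counts list rows, so it is not the
    same metric as the page's 'connection attempts received' ranking."""
    ports = Counter(port for _, _, port in rows)
    return len({ip for _, ip, _ in rows}), ports.most_common(top)

if __name__ == "__main__":
    rows, rejected, excluded = parse_rows(SAMPLE, exclude=["203.0.113.0/24"])
    print(len(rows), rejected, excluded, summarize(rows))
```

Run `verify_md5` on the raw downloaded bytes before parsing, and review the rejected count rather than silently dropping rows when feeding the result into a blocklist.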

Thursday, January 1, 2026

Botnet Statistics [2025-12-31]

(To download the latest zombie IP list, please visit the Daily Zombie IP Lists for December 2025.)
detection period: 2025-12-31 00:00-23:59 UTC
total number of suspected botnet IPs: 26398
number of botnet IPs notified to network operators (best case, if all mail were sent out successfully): 25159
number of spam blocked: 0
recipient count of spam blocked: 0

The top 10 networks (as found in WHOIS), ordered by the number of suspected botnet IPs are:

Rank  Network             # of suspected botnet IPs
1     MSFT                1377
2     GOOGLE-CLOUD        1000
3     PAN-22              945
4     AL-3                926
5     BYTEPLUS-SG         878
6     ASEPL-SG            568
7     VOLCANO-ENGINE      519
8     CLOUDFLARENET       445
9     UNICOM              437
10    ALISOFT             410

Rank  TCP port number  # of connection attempts received
1     5900             338219
2     9292             57277
3     2255             57038
4     9999             55922
5     22               55779
6     1322             53678
7     522              51281
8     1122             45730
9     9911             37932
10    3443             31398


The top 10 countries (as defined by the 2-character country code), ordered by the number of suspected botnet IPs are:

Rank  Country/Region      # of suspected botnet IPs
1     China               10439
2     United States       7975
3     Singapore           1661
4     France              467
5     Hong Kong           414
6     Indonesia           352
7     Germany             327
8     United Kingdom      324
9     India               290
10    Russian Federation  288

The top 10 TCP ports, ordered by the number of connection attempts received are:

Botnet Statistics [2025-12-30]

(To download the latest zombie IP list, please visit the Daily Zombie IP Lists for December 2025.)
detection period: 2025-12-30 00:00-23:59 UTC
total number of suspected botnet IPs: 21452
number of botnet IPs notified to network operators (best case, if all mail were sent out successfully): 20135
number of spam blocked: 0
recipient count of spam blocked: 0

The top 10 networks (as found in WHOIS), ordered by the number of suspected botnet IPs are:

Rank  Network             # of suspected botnet IPs
1     MSFT                1412
2     GOOGLE-CLOUD        1002
3     PAN-22              948
4     AL-3                935
5     BYTEPLUS-SG         879
6     ASEPL-SG            572
7     VOLCANO-ENGINE      531
8     ALISOFT             428
9     CENSY               371
10    FR-ONYPHE-20191111  368

Rank  TCP port number  # of connection attempts received
1     5900             402373
2     9292             70610
3     7022             67752
4     1322             62798
5     22               60345
6     2555             60078
7     1122             59318
8     2255             58447
9     3443             43080
10    2244             33316


The top 10 countries (as defined by the 2-character country code), ordered by the number of suspected botnet IPs are:

Rank  Country/Region      # of suspected botnet IPs
1     United States       8478
2     China               4367
3     Singapore           1665
4     France              478
5     Hong Kong           475
6     United Kingdom      375
7     Germany             360
8     Indonesia           357
9     Russian Federation  336
10    Netherlands         328

The top 10 TCP ports, ordered by the number of connection attempts received are:

Rank  TCP port number  # of connection attempts received
1     5900             407974
2     822              73369
3     7000             71975
4     7022             70690
5     9292             68981
6     1322             62809
7     1234             61565
8     2255             54556
9     22               51855
10    2244             34930