detection period: 2025-05-10 00:00-23:59 UTC
total number of suspected botnet IPs: 29344
number of botnet IPs notified to network operators (best case, if all mail were sent out successfully): 26661
number of spam blocked: 0
recipient count of spam blocked: 0
The top 10 networks (as found in WHOIS), ordered by the number of suspected botnet IPs are:
| Rank | Network | # of suspected botnet IPs |
|---|---|---|
| 1 | MSFT | 1552 |
| 2 | AL-3 | 1314 |
| 3 | GOOGLE-CLOUD | 1009 |
| 4 | PAN-22 | 954 |
| 5 | ASEPL-SG | 867 |
| 6 | BSNLNET | 734 |
| 7 | KORNET-KR | 662 |
| 8 | HURRICANE-4 | 446 |
| 9 | ALISOFT | 438 |
| 10 | CMNET | 426 |
The top 10 countries (as defined by the 2-character country code), ordered by the number of suspected botnet IPs are:
The top 10 TCP ports, ordered by the number of connection attempts received are:
| Rank | Country/Region | # of suspected botnet IPs |
|---|---|---|
| 1 | United States | 8270 |
| 2 | China | 5846 |
| 3 | India | 1854 |
| 4 | Singapore | 1044 |
| 5 | South Korea | 995 |
| 6 | Brazil | 770 |
| 7 | Indonesia | 629 |
| 8 | Hong Kong | 608 |
| 9 | Viet Nam | 530 |
| 10 | Russian Federation | 469 |
Saturday, May 10, 2025
Botnet Statistics [2025-05-09]
(To download the latest zombie ip list, please visit the Daily Zombie IP Lists for May 2025. To get an idea of what IP is scanning the Internet currently, please watch: Daily Botnet Detection Live Streaming.)
detection period: 2025-05-09 00:00-23:59 UTC
total number of suspected botnet IPs: 24873
number of botnet IPs notified to network operators (best case, if all mail were sent out successfully): 22854
number of spam blocked: 0
recipient count of spam blocked: 0
The top 10 networks (as found in WHOIS), ordered by the number of suspected botnet IPs are:
detection period: 2025-05-09 00:00-23:59 UTC
total number of suspected botnet IPs: 24873
number of botnet IPs notified to network operators (best case, if all mail were sent out successfully): 22854
number of spam blocked: 0
recipient count of spam blocked: 0
The top 10 networks (as found in WHOIS), ordered by the number of suspected botnet IPs are:
| Rank | TCP port number | # of connection attempts received |
|---|---|---|
| 1 | 2228 | 164681 |
| 2 | 7722 | 140715 |
| 3 | 5555 | 79708 |
| 4 | 4422 | 45267 |
| 5 | 22 | 44312 |
| 6 | 12022 | 35622 |
| 7 | 9999 | 33842 |
| 8 | 23 | 31077 |
| 9 | 5900 | 30517 |
| 10 | 8022 | 20697 |
| Rank | Network | # of suspected botnet IPs |
|---|---|---|
| 1 | MSFT | 1566 |
| 2 | AL-3 | 1205 |
| 3 | GOOGLE-CLOUD | 1010 |
| 4 | PAN-22 | 953 |
| 5 | BSNLNET | 840 |
| 6 | ASEPL-SG | 767 |
| 7 | KORNET-KR | 678 |
| 8 | HURRICANE-4 | 451 |
| 9 | ALISOFT | 423 |
| 10 | VOLCANO-ENGINE | 416 |
The top 10 countries (as defined by the 2-character country code), ordered by the number of suspected botnet IPs are:
The top 10 TCP ports, ordered by the number of connection attempts received are:
| Rank | Country/Region | # of suspected botnet IPs |
|---|---|---|
| 1 | United States | 8227 |
| 2 | China | 5534 |
| 3 | India | 1681 |
| 4 | South Korea | 997 |
| 5 | Singapore | 953 |
| 6 | Hong Kong | 583 |
| 7 | Russian Federation | 465 |
| 8 | United Kingdom | 460 |
| 9 | Indonesia | 397 |
| 10 | Viet Nam | 362 |
Friday, May 9, 2025
Botnet Statistics [2025-05-08]
(To download the latest zombie ip list, please visit the Daily Zombie IP Lists for May 2025. To get an idea of what IP is scanning the Internet currently, please watch: Daily Botnet Detection Live Streaming.)
detection period: 2025-05-08 00:00-23:59 UTC
total number of suspected botnet IPs: 26255
number of botnet IPs notified to network operators (best case, if all mail were sent out successfully): 24250
number of spam blocked: 0
recipient count of spam blocked: 0
The top 10 networks (as found in WHOIS), ordered by the number of suspected botnet IPs are:
detection period: 2025-05-08 00:00-23:59 UTC
total number of suspected botnet IPs: 26255
number of botnet IPs notified to network operators (best case, if all mail were sent out successfully): 24250
number of spam blocked: 0
recipient count of spam blocked: 0
The top 10 networks (as found in WHOIS), ordered by the number of suspected botnet IPs are:
| Rank | TCP port number | # of connection attempts received |
|---|---|---|
| 1 | 2228 | 93826 |
| 2 | 7722 | 88053 |
| 3 | 8090 | 42372 |
| 4 | 22 | 41566 |
| 5 | 5900 | 37670 |
| 6 | 5555 | 29719 |
| 7 | 23 | 27854 |
| 8 | 8022 | 23112 |
| 9 | 9999 | 20888 |
| 10 | 2122 | 17775 |
| Rank | Network | # of suspected botnet IPs |
|---|---|---|
| 1 | MSFT | 1579 |
| 2 | AL-3 | 1349 |
| 3 | GOOGLE-CLOUD | 1017 |
| 4 | PAN-22 | 951 |
| 5 | ASEPL-SG | 951 |
| 6 | BSNLNET | 822 |
| 7 | KORNET-KR | 592 |
| 8 | HURRICANE-4 | 448 |
| 9 | ALISOFT | 448 |
| 10 | VOLCANO-ENGINE | 405 |
The top 10 countries (as defined by the 2-character country code), ordered by the number of suspected botnet IPs are:
The top 10 TCP ports, ordered by the number of connection attempts received are:
| Rank | Country/Region | # of suspected botnet IPs |
|---|---|---|
| 1 | United States | 9037 |
| 2 | China | 5811 |
| 3 | India | 1667 |
| 4 | Singapore | 1147 |
| 5 | South Korea | 864 |
| 6 | Hong Kong | 577 |
| 7 | Russian Federation | 472 |
| 8 | United Kingdom | 468 |
| 9 | Netherlands | 418 |
| 10 | Indonesia | 396 |
Subscribe to:
Posts (Atom)
| Rank | TCP port number | # of connection attempts received |
|---|---|---|
| 1 | 2228 | 126293 |
| 2 | 22 | 43105 |
| 3 | 5900 | 37843 |
| 4 | 8022 | 23800 |
| 5 | 8822 | 23391 |
| 6 | 10101 | 21483 |
| 7 | 1022 | 14717 |
| 8 | 222 | 14715 |
| 9 | 9922 | 14114 |
| 10 | 445 | 13363 |
