Custom Search

Thursday, April 3, 2025

Botnet Statistics [2025-04-02]

(To download the latest zombie ip list, please visit the Daily Zombie IP Lists for January 2025. To get an idea of what IP is scanning the Internet currently, please watch: Daily Botnet Detection Live Streaming.)
detection period: 2025-04-02 00:00-23:59 UTC
total number of suspected botnet IPs: 24776
number of botnet IPs notified to network operators (best case, if all mail were sent out successfully): 22962
number of spam blocked: 0
recipient count of spam blocked: 0

The top 10 networks (as found in WHOIS), ordered by the number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1MSFT1525
2AL-31150
3HINET-NET1018
4GOOGLE-CLOUD1018
5PAN-22966
6ASEPL-SG794
7BSNLNET629
8ALISOFT545
9KORNET-KR470
10HURRICANE-4450


The top 10 countries (as defined by the 2-character country code), ordered by the number of suspected botnet IPs are:


The top 10 TCP ports, ordered by the number of connection attempts received are:

RankCountry/Region# of suspected botnet IPs
1United States7832
2China5256
3India1367
4Taiwan1182
5Singapore961
6South Korea730
7United Kingdom630
8Hong Kong549
9Russian Federation488
10European Union398

20250403 Botnet Detection Live Streaming 40+ zombies detected)
Labels:
Posted by at No comments:

Wednesday, April 2, 2025

Botnet Statistics [2025-04-01]

(To download the latest zombie ip list, please visit the Daily Zombie IP Lists for January 2025. To get an idea of what IP is scanning the Internet currently, please watch: Daily Botnet Detection Live Streaming.)
detection period: 2025-04-01 00:00-23:59 UTC
total number of suspected botnet IPs: 24996
number of botnet IPs notified to network operators (best case, if all mail were sent out successfully): 23200
number of spam blocked: 0
recipient count of spam blocked: 0

The top 10 networks (as found in WHOIS), ordered by the number of suspected botnet IPs are:

RankTCP port number# of connection attempts received
15900142010
23769964229
322354776
4600053261
5600153124
6876550651
72248223
8772225374
9876322240
10765221100
RankNetwork# of suspected botnet IPs
1MSFT1539
2HINET-NET1291
3GOOGLE-CLOUD990
4AL-3975
5PAN-22952
6BSNLNET668
7ASEPL-SG601
8ALISOFT507
9KORNET-KR449
10HURRICANE-4449


The top 10 countries (as defined by the 2-character country code), ordered by the number of suspected botnet IPs are:


The top 10 TCP ports, ordered by the number of connection attempts received are:

RankCountry/Region# of suspected botnet IPs
1United States7897
2China5308
3Taiwan1448
4India1369
5Singapore823
6South Korea664
7United Kingdom651
8Hong Kong541
9Russian Federation471
10Indonesia402

20250402 Botnet Detection Live Streaming 40+ zombies detected)
Labels:
Posted by at No comments:

Daily Zombie Lists for April 2025(2025年04月,每日殭屍電腦IP清單)

To facilitate security research, I will release the daily zombie IP lists in CSV format here for anyone interested to download. The data columns are defined as follows:
為協助資安方面的研究,我將每日釋出CSV格式的殭屍電腦IP清單,供任何有興趣的人下載。資料欄位定義如下:

Column 1: The date and time in UTC when the last connection attempt (port scans) from the zombie IP (column 2) was detected;
第1欄:該殭屍電腦最後一次被偵測到企圖連線的日期、時間,時區為UTC;
Column 2: Zombie IP;
第2欄:該殭屍電腦的IP位址;
Column 3: TCP destination port number scanned by the zombie.
第3欄:該殭屍電腦所掃描的TCP埠號。

Join the "Suspected Zombie IP List" Telegram channel to get notified when the latest data are ready for download.
想在第一時間取得資料下載網址?請加入Suspected Zombie IP List的Telegram頻道。

Here are the download links of the daily zombie IP lists for April 2025 (without excluding IP addresses of TOR exits and so-called security researchers' nodes.):
以下是2025年04月的每日殭屍電腦IP清單的下載網址(未濾除TOR exit與所謂“資安研究者”的主機IP):

04/01: download link 下載網址; MD5sum: e5ff9f3444de0d50d7eaeba63f678732
04/02: download link 下載網址; MD5sum: c4a81ea8202d12847b8cc4d83a439d57
Labels:
Posted by at No comments:
Subscribe to: Posts (Atom)
RankTCP port number# of connection attempts received
12250836
2600028462
3600128163
4590027950
5876323582
6765222533
72322272
8220220079
91000016864
10232315452