Botnet Statistics [2009-12-28]

My notification mail are sent from an email account of a well-known service company. My notifications have been mistaken for spam mail by them several times, as I have to include spam headers in the mail, as requested by various network operators. I have also hit my daily mail sending quota occasionally. Today it happened again. I decided to make a few modification to my mail notice. Only the first 15 relay attempts from each IP will be included. And network operators with less than 2 detected bots will not get notified.

detection period: 2009-12-28 00:00-23:59 UTC
total number of suspected botnet IPs: 4219
number of botnet IPs notified to network operators: 3716

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

Rank	Network	# of suspected botnet IPs
1	HINET-NET	1232
2	BSNLNET	428
3	CHINANET-GD	369
4	TFN-NET	189
5	002.558.157/0001-62	131
6	AR-TEAR7-LACNIC	94
7	RCOM	82
8	TATACOMM-IN	76
9	002.558.134/0001-58	70
10	UNICOM-SD	59

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

Rank	Country	# of suspected botnet IPs
1	Taiwan	1438
2	China	986
3	India	687
4	Brazil	421
5	Argentina	161
6	Russian Federation	98
7	United States	64
8	Ukraine	29
9	South Korea	24
10	Indonesia	21