Although I could not find their website, an organization with such name (Research? Telecom?) should be very good at securing their computers. It is very unusual to let hundreds of their computers participate in spam runs for so long. Did I notify the wrong contact? I don't think so, because it is CNCERT who I notify of most bots in China.
detection period: 2010-04-06 00:00-23:59 UTC
total number of suspected botnet IPs: 2827
number of botnet IPs notified to network operators: 2599
number of blocked spams: 101451
recipient count of blocked spams: 1747767
The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:
| Rank | Network | # of suspected botnet IPs |
|---|---|---|
| 1 | HINET-NET | 1293 |
| 2 | RITELE | 357 |
| 3 | BSNLNET | 148 |
| 4 | 002.558.157/0001-62 | 51 |
| 5 | AR-TEAR7-LACNIC | 45 |
| 6 | UNICOM-SD | 26 |
| 7 | RCOM | 26 |
| 8 | 076.535.764/0326-90 | 26 |
| 9 | TATACOMM-IN | 25 |
| 10 | HATHWAY-NET | 24 |
The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:
| Rank | Country | # of suspected botnet IPs |
|---|---|---|
| 1 | Taiwan | 1306 |
| 2 | China | 623 |
| 3 | India | 244 |
| 4 | Brazil | 234 |
| 5 | Argentina | 89 |
| 6 | Russian Federation | 52 |
| 7 | United States | 33 |
| 8 | Indonesia | 25 |
| 9 | Ukraine | 19 |
| 10 | Colombia | 19 |
No comments:
Post a Comment