Daily Botnet Statistics: June 2011

Thursday, June 30, 2011

Botnet Statistics [2011-06-29]

No data of fake open relay today.

detection period: 2011-06-29 00:00-23:59 UTC
total number of suspected botnet IPs: 939
number of botnet IPs notified to network operators: 709
number of blocked spams: 0
recipient count of blocked spams: 0

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

Rank	Network	# of suspected botnet IPs
1	BSNLNET	86
2	CHINANET-GD	59
3	UNICOM-BJ	48
4	CHINANET-JS	43
5	CRTC	33
6	KORNET-KR	19
7	RCOM	18
8	CHINANET-ZJ	17
9	VNPT-VNNIC-VN	16
10	MTNLISP	15

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

Rank	Country	# of suspected botnet IPs
1	China	330
2	India	154
3	Brazil	62
4	Russian Federation	42
5	South Korea	42
6	United States	36
7	Ukraine	23
8	Viet Nam	20
9	Taiwan	18
10	Indonesia	17

Wednesday, June 29, 2011

Botnet Statistics [2011-06-28]

No data of fake open relay today.

detection period: 2011-06-28 00:00-23:59 UTC
total number of suspected botnet IPs: 1345
number of botnet IPs notified to network operators: 957
number of blocked spams: 0
recipient count of blocked spams: 0

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

Rank	Network	# of suspected botnet IPs
1	BSNLNET	118
2	CHINANET-GD	101
3	UNICOM-BJ	75
4	CHINANET-JS	39
5	VNPT-VNNIC-VN	33
6	KORNET-KR	32
7	CRTC	31
8	TELKOMNET	18
9	TATACOMM-IN	18
10	002.558.134/0001-58	18

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

Rank	Country	# of suspected botnet IPs
1	China	429
2	India	217
3	Brazil	84
4	South Korea	79
5	Russian Federation	60
6	United States	45
7	Viet Nam	43
8	Indonesia	38
9	Taiwan	20
10	Pakistan	17

Tuesday, June 28, 2011

Botnet Statistics [2011-06-27]

No data of fake open relay today.

detection period: 2011-06-27 00:00-23:59 UTC
total number of suspected botnet IPs: 1352
number of botnet IPs notified to network operators: 934
number of blocked spams: 0
recipient count of blocked spams: 0

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

Rank	Network	# of suspected botnet IPs
1	CHINANET-GD	104
2	BSNLNET	71
3	UNICOM-BJ	56
4	KORNET-KR	48
5	CHINANET-JS	38
6	VNPT-VNNIC-VN	31
7	CRTC	29
8	RCOM	22
9	000.065.376/0002-65	21
10	CHINANET-ZJ	20

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

Rank	Country	# of suspected botnet IPs
1	China	411
2	India	179
3	South Korea	97
4	Brazil	80
5	Russian Federation	54
6	Viet Nam	44
7	United States	40
8	Ukraine	35
9	Indonesia	28
10	Pakistan	21

Monday, June 27, 2011

Botnet Statistics [2011-06-26]

I can not connect to my fake open relay, so its data are not included today.

detection period: 2011-06-26 00:00-23:59 UTC
total number of suspected botnet IPs: 787
number of botnet IPs notified to network operators: 565
number of blocked spams: 0
recipient count of blocked spams: 0

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

Rank	Network	# of suspected botnet IPs
1	CHINANET-GD	95
2	UNICOM-BJ	65
3	CRTC	23
4	KORNET-KR	20
5	CHINANET-HB	13
6	CHINANET-ZJ	12
7	CHINANET-JS	12
8	CHINANET-SH	10
9	BSNLNET	10
10	UNICOM-SD	8

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

Rank	Country	# of suspected botnet IPs
1	China	349
2	Russian Federation	43
3	South Korea	40
4	United States	31
5	India	27
6	Brazil	23
7	Indonesia	21
8	Ukraine	18
9	Taiwan	15
10	Viet Nam	12

Sunday, June 26, 2011

Botnet Statistics [2011-06-25]

detection period: 2011-06-25 00:00-23:59 UTC
total number of suspected botnet IPs: 1874
number of botnet IPs notified to network operators: 1302
number of blocked spams: 4762
recipient count of blocked spams: 124588

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

Rank	Network	# of suspected botnet IPs
1	HINET-NET	288
2	BSNLNET	105
3	CHINANET-GD	94
4	KORNET-KR	88
5	UNICOM-BJ	33
6	UKRTELNET	26
7	BHARTI-IN	26
8	TATACOMM-IN	23
9	CHINANET-JS	23
10	VNPT-VNNIC-VN	22

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

Rank	Country	# of suspected botnet IPs
1	China	354
2	Taiwan	307
3	India	270
4	South Korea	146
5	Russian Federation	116
6	Brazil	67
7	Ukraine	66
8	Viet Nam	35
9	Indonesia	28
10	Poland	26

Saturday, June 25, 2011

Botnet Statistics [2011-06-24]

detection period: 2011-06-24 00:00-23:59 UTC
total number of suspected botnet IPs: 2023
number of botnet IPs notified to network operators: 1406
number of blocked spams: 66336
recipient count of blocked spams: 2309513

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

Rank	Network	# of suspected botnet IPs
1	HINET-NET	200
2	CHINANET-GD	109
3	BSNLNET	72
4	CHINANET-JS	60
5	KORNET-KR	36
6	TELKOMNET	34
7	UNICOM-BJ	29
8	RCOM	24
9	UNICOM-SD	23
10	000.065.376/0002-65	22

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

Rank	Country	# of suspected botnet IPs
1	China	511
2	Taiwan	220
3	India	183
4	Russian Federation	135
5	Brazil	133
6	South Korea	78
7	Indonesia	69
8	Ukraine	59
9	United States	46
10	Viet Nam	30

Friday, June 24, 2011

Botnet Statistics [2011-06-23]

detection period: 2011-06-23 00:00-23:59 UTC
total number of suspected botnet IPs: 2171
number of botnet IPs notified to network operators: 1545
number of blocked spams: 86051
recipient count of blocked spams: 3003914

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

Rank	Network	# of suspected botnet IPs
1	HINET-NET	168
2	CHINANET-GD	121
3	BSNLNET	79
4	VNPT-VNNIC-VN	69
5	TELKOMNET	54
6	CHINANET-JS	42
7	UNICOM-BJ	36
8	PTCL	30
9	BHARTI-IN	28
10	CTTNET	25

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

Rank	Country	# of suspected botnet IPs
1	China	514
2	India	226
3	Taiwan	186
4	Russian Federation	142
5	Indonesia	125
6	Brazil	122
7	Viet Nam	100
8	United States	59
9	Ukraine	57
10	South Korea	57

Thursday, June 23, 2011

Botnet Statistics [2011-06-22]

My fake open relay is back online.

detection period: 2011-06-22 00:00-23:59 UTC
total number of suspected botnet IPs: 1797
number of botnet IPs notified to network operators: 1158
number of blocked spams: 49135
recipient count of blocked spams: 1714734

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

Rank	Network	# of suspected botnet IPs
1	CHINANET-GD	112
2	BSNLNET	69
3	UNICOM-BJ	50
4	HINET-NET	47
5	CHINANET-JS	43
6	TELKOMNET	31
7	PTCL	31
8	CTTNET	28
9	CHINANET-HB	25
10	VNPT-VNNIC-VN	22

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

Rank	Country	# of suspected botnet IPs
1	China	494
2	India	172
3	Russian Federation	124
4	Brazil	117
5	Indonesia	67
6	Taiwan	61
7	South Korea	59
8	Ukraine	56
9	United States	51
10	Pakistan	41

Wednesday, June 22, 2011

Botnet Statistics [2011-06-21]

No data from my fake open relay today.

detection period: 2011-06-21 00:00-23:59 UTC
total number of suspected botnet IPs: 1504
number of botnet IPs notified to network operators: 971
number of blocked spams: 0
recipient count of blocked spams: 0

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

Rank	Network	# of suspected botnet IPs
1	BSNLNET	77
2	CHINANET-GD	76
3	VNPT-VNNIC-VN	68
4	KORNET-KR	40
5	UNICOM-BJ	36
6	CHINANET-JS	34
7	PTCL	31
8	TELKOMNET	28
9	CRTC	23
10	BY-BELPAK-20091210	21

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

Rank	Country	# of suspected botnet IPs
1	China	303
2	India	185
3	Russian Federation	102
4	Viet Nam	95
5	South Korea	82
6	Indonesia	66
7	Brazil	64
8	Ukraine	44
9	Pakistan	39
10	United States	28

Tuesday, June 21, 2011

Botnet Statistics [2011-06-20]

Something happened to my fake open relay yesterday, so there is no data collected from it today.

detection period: 2011-06-20 00:00-23:59 UTC
total number of suspected botnet IPs: 1132
number of botnet IPs notified to network operators: 772
number of blocked spams: 0
recipient count of blocked spams: 0

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

Rank	Network	# of suspected botnet IPs
1	CHINANET-GD	84
2	BSNLNET	76
3	VNPT-VNNIC-VN	41
4	KORNET-KR	36
5	PTCL	25
6	UNICOM-BJ	24
7	TELKOMNET	24
8	CRTC	22
9	RCOM	17
10	UKRTELNET	15

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

Rank	Country	# of suspected botnet IPs
1	China	275
2	India	164
3	Brazil	77
4	South Korea	74
5	Russian Federation	65
6	Viet Nam	58
7	Indonesia	55
8	Ukraine	35
9	Pakistan	33
10	United States	27

Monday, June 20, 2011

Botnet Statistics [2011-06-19]

detection period: 2011-06-19 00:00-23:59 UTC
total number of suspected botnet IPs: 1851
number of botnet IPs notified to network operators: 1328
number of blocked spams: 25976
recipient count of blocked spams: 857288

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

Rank	Network	# of suspected botnet IPs
1	HINET-NET	232
2	CHINANET-GD	98
3	BSNLNET	54
4	VNPT-VNNIC-VN	42
5	CHINANET-JS	36
6	KORNET-KR	27
7	TELKOMNET	25
8	CRTC	25
9	002.558.134/0001-58	25
10	000.065.376/0002-65	24

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

Rank	Country	# of suspected botnet IPs
1	China	453
2	Taiwan	249
3	Brazil	138
4	India	125
5	Russian Federation	101
6	South Korea	67
7	Viet Nam	62
8	Ukraine	54
9	United States	49
10	Indonesia	40

Sunday, June 19, 2011

Botnet Statistics [2011-06-18]

detection period: 2011-06-18 00:00-23:59 UTC
total number of suspected botnet IPs: 3548
number of botnet IPs notified to network operators: 2631
number of blocked spams: 33554
recipient count of blocked spams: 1094854

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

Rank	Network	# of suspected botnet IPs
1	BSNLNET	593
2	HINET-NET	315
3	CHINANET-GD	122
4	KORNET-KR	92
5	RCOM	90
6	TATACOMM-IN	75
7	UKRTELNET	72
8	000.065.376/0002-65	48
9	HATHWAY-NET	46
10	002.558.134/0001-58	46

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

Rank	Country	# of suspected botnet IPs
1	India	979
2	China	418
3	Taiwan	357
4	Brazil	233
5	Russian Federation	215
6	South Korea	168
7	Ukraine	149
8	Argentina	90
9	Viet Nam	66
10	Colombia	45

Saturday, June 18, 2011

Botnet Statistics [2011-06-17]

detection period: 2011-06-17 00:00-23:59 UTC
total number of suspected botnet IPs: 3345
number of botnet IPs notified to network operators: 2589
number of blocked spams: 31752
recipient count of blocked spams: 1052857

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

Rank	Network	# of suspected botnet IPs
1	BSNLNET	565
2	HINET-NET	293
3	CHINANET-GD	132
4	UKRTELNET	79
5	RCOM	76
6	TATACOMM-IN	74
7	KORNET-KR	62
8	BY-BELPAK-20091210	52
9	HATHWAY-NET	43
10	002.558.134/0001-58	43

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

Rank	Country	# of suspected botnet IPs
1	India	893
2	China	469
3	Taiwan	326
4	Russian Federation	259
5	Brazil	238
6	Ukraine	157
7	South Korea	91
8	Argentina	82
9	Indonesia	65
10	Belarus	60

Friday, June 17, 2011

Botnet Statistics [2011-06-16]

detection period: 2011-06-16 00:00-23:59 UTC
total number of suspected botnet IPs: 2813
number of botnet IPs notified to network operators: 2001
number of blocked spams: 81340
recipient count of blocked spams: 2824716

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

Rank	Network	# of suspected botnet IPs
1	BSNLNET	262
2	HINET-NET	191
3	CHINANET-GD	128
4	VNPT-VNNIC-VN	60
5	TELKOMNET	59
6	RCOM	52
7	002.558.134/0001-58	46
8	UKRTELNET	43
9	000.065.376/0002-65	36
10	TATACOMM-IN	32

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

Rank	Country	# of suspected botnet IPs
1	China	532
2	India	498
3	Brazil	226
4	Taiwan	207
5	Russian Federation	200
6	Indonesia	110
7	Ukraine	102
8	Viet Nam	99
9	South Korea	80
10	Argentina	66

Thursday, June 16, 2011

Botnet Statistics [2011-06-15]

detection period: 2011-06-15 00:00-23:59 UTC
total number of suspected botnet IPs: 2682
number of botnet IPs notified to network operators: 1811
number of blocked spams: 91916
recipient count of blocked spams: 3207803

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

Rank	Network	# of suspected botnet IPs
1	BSNLNET	180
2	HINET-NET	169
3	CHINANET-GD	119
4	VNPT-VNNIC-VN	70
5	PTCL	66
6	RCOM	51
7	TELKOMNET	46
8	TATACOMM-IN	41
9	002.558.134/0001-58	38
10	KORNET-KR	35

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

Rank	Country	# of suspected botnet IPs
1	China	480
2	India	407
3	Brazil	188
4	Taiwan	181
5	Russian Federation	170
6	Viet Nam	126
7	Indonesia	99
8	Ukraine	85
9	Pakistan	83
10	South Korea	79

Wednesday, June 15, 2011

Botnet Statistics [2011-06-14]

detection period: 2011-06-14 00:00-23:59 UTC
total number of suspected botnet IPs: 2820
number of botnet IPs notified to network operators: 1951
number of blocked spams: 94359
recipient count of blocked spams: 3280705

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

Rank	Network	# of suspected botnet IPs
1	BSNLNET	239
2	CHINANET-GD	129
3	HINET-NET	99
4	VNPT-VNNIC-VN	67
5	RCOM	66
6	KORNET-KR	48
7	UKRTELNET	42
8	TATACOMM-IN	38
9	000.065.376/0002-65	35
10	TELKOMNET	33

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

Rank	Country	# of suspected botnet IPs
1	China	570
2	India	491
3	Russian Federation	224
4	Brazil	200
5	Taiwan	123
6	Viet Nam	106
7	Ukraine	102
8	South Korea	94
9	Indonesia	74
10	United States	48

Tuesday, June 14, 2011

Botnet Statistics [2011-06-13]

detection period: 2011-06-13 00:00-23:59 UTC
total number of suspected botnet IPs: 2421
number of botnet IPs notified to network operators: 1758
number of blocked spams: 95028
recipient count of blocked spams: 3309594

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

Rank	Network	# of suspected botnet IPs
1	HINET-NET	164
2	BSNLNET	164
3	CHINANET-GD	124
4	CHINANET-JS	46
5	RCOM	43
6	000.065.376/0002-65	40
7	CRTC	38
8	KORNET-KR	37
9	UNICOM-BJ	34
10	VNPT-VNNIC-VN	31

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

Rank	Country	# of suspected botnet IPs
1	China	584
2	India	342
3	Brazil	204
4	Taiwan	182
5	Russian Federation	152
6	South Korea	79
7	Ukraine	75
8	Viet Nam	61
9	Argentina	55
10	United States	44

Monday, June 13, 2011

Botnet Statistics [2011-06-12]

detection period: 2011-06-12 00:00-23:59 UTC
total number of suspected botnet IPs: 2255
number of botnet IPs notified to network operators: 1567
number of blocked spams: 94168
recipient count of blocked spams: 3280731

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

Rank	Network	# of suspected botnet IPs
1	HINET-NET	184
2	BSNLNET	101
3	CHINANET-GD	94
4	VNPT-VNNIC-VN	57
5	CHINANET-JS	48
6	KORNET-KR	37
7	CRTC	33
8	CHINANET-SH	31
9	UKRTELNET	28
10	RCOM	27

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

Rank	Country	# of suspected botnet IPs
1	China	558
2	Taiwan	201
3	India	182
4	Brazil	160
5	Russian Federation	134
6	South Korea	102
7	Viet Nam	97
8	Ukraine	80
9	Argentina	62
10	United States	57

Sunday, June 12, 2011

Botnet Statistics [2011-06-11]

detection period: 2011-06-11 00:00-23:59 UTC
total number of suspected botnet IPs: 1749
number of botnet IPs notified to network operators: 1186
number of blocked spams: 23661
recipient count of blocked spams: 790406

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

Rank	Network	# of suspected botnet IPs
1	HINET-NET	119
2	CHINANET-GD	102
3	CHINANET-JS	45
4	BSNLNET	41
5	KORNET-KR	40
6	CRTC	30
7	UNICOM-BJ	26
8	VNPT-VNNIC-VN	23
9	000.065.376/0002-65	22
10	UKRTELNET	19

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

Rank	Country	# of suspected botnet IPs
1	China	436
2	Taiwan	140
3	Brazil	121
4	India	116
5	Russian Federation	110
6	South Korea	86
7	Ukraine	56
8	United States	50
9	Indonesia	44
10	Viet Nam	40

Saturday, June 11, 2011

Botnet Statistics [2011-06-10]

detection period: 2011-06-10 00:00-23:59 UTC
total number of suspected botnet IPs: 1827
number of botnet IPs notified to network operators: 1184
number of blocked spams: 70864
recipient count of blocked spams: 2470497

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

Rank	Network	# of suspected botnet IPs
1	CHINANET-GD	90
2	BSNLNET	52
3	CHINANET-JS	40
4	KORNET-KR	37
5	VNPT-VNNIC-VN	33
6	002.558.134/0001-58	33
7	CRTC	30
8	002.558.157/0001-62	26
9	UNICOM-BJ	22
10	RCOM	22

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

Rank	Country	# of suspected botnet IPs
1	China	450
2	Brazil	151
3	India	145
4	Russian Federation	124
5	South Korea	97
6	Ukraine	67
7	Viet Nam	61
8	United States	53
9	Indonesia	36
10	Kazakhstan	29

Friday, June 10, 2011

Botnet Statistics [2011-06-09]

detection period: 2011-06-09 00:00-23:59 UTC
total number of suspected botnet IPs: 1666
number of botnet IPs notified to network operators: 1108
number of blocked spams: 97063
recipient count of blocked spams: 3385514

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

Rank	Network	# of suspected botnet IPs
1	CHINANET-GD	110
2	BSNLNET	54
3	CRTC	43
4	KORNET-KR	32
5	CHINANET-JS	31
6	000.065.376/0002-65	27
7	UKRTELNET	24
8	UNICOM-SD	21
9	002.558.157/0001-62	21
10	TELKOMNET	20

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

Rank	Country	# of suspected botnet IPs
1	China	478
2	India	146
3	Brazil	138
4	Russian Federation	116
5	Ukraine	74
6	South Korea	69
7	United States	54
8	Indonesia	46
9	Viet Nam	36
10	Taiwan	35

Thursday, June 9, 2011

Botnet Statistics [2011-06-08]

detection period: 2011-06-08 00:00-23:59 UTC
total number of suspected botnet IPs: 2105
number of botnet IPs notified to network operators: 1494
number of blocked spams: 96177
recipient count of blocked spams: 3257025

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

Rank	Network	# of suspected botnet IPs
1	CHINANET-GD	140
2	HINET-NET	104
3	BSNLNET	43
4	KORNET-KR	40
5	CHINANET-JS	40
6	CRTC	37
7	UNICOM-BJ	29
8	CTTNET	26
9	CHINANET-SH	25
10	UNICOM-SD	24

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

Rank	Country	# of suspected botnet IPs
1	China	634
2	Russian Federation	166
3	Brazil	145
4	India	126
5	Taiwan	121
6	South Korea	88
7	Ukraine	76
8	United States	73
9	Viet Nam	42
10	Indonesia	36

Wednesday, June 8, 2011

Botnet Statistics [2011-06-07]

detection period: 2011-06-07 00:00-23:59 UTC
total number of suspected botnet IPs: 1981
number of botnet IPs notified to network operators: 1995
number of blocked spams: 95707
recipient count of blocked spams: 3274111

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

Rank	Network	# of suspected botnet IPs
1	HINET-NET	191
2	CHINANET-GD	127
3	BSNLNET	55
4	KORNET-KR	45
5	CRTC	39
6	CHINANET-JS	36
7	CTTNET	33
8	VNPT-VNNIC-VN	29
9	002.558.134/0001-58	20
10	UNICOM-SD	19

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

Rank	Country	# of suspected botnet IPs
1	China	557
2	Taiwan	206
3	Brazil	134
4	India	127
5	Russian Federation	115
6	South Korea	81
7	Ukraine	65
8	United States	64
9	Viet Nam	46
10	Indonesia	40

Tuesday, June 7, 2011

Botnet Statistics [2011-06-06]

detection period: 2011-06-06 00:00-23:59 UTC
total number of suspected botnet IPs: 3425
number of botnet IPs notified to network operators: 2264
number of blocked spams: 38544
recipient count of blocked spams: 1157264

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

Rank	Network	# of suspected botnet IPs
1	HINET-NET	232
2	BSNLNET	138
3	KORNET-KR	137
4	CHINANET-GD	134
5	VNPT-VNNIC-VN	69
6	UKRTELNET	54
7	BY-BELPAK-20091210	46
8	PTCL	41
9	CRTC	39
10	BHARTI-IN	37

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

Rank	Country	# of suspected botnet IPs
1	China	543
2	Russian Federation	322
3	India	311
4	Taiwan	263
5	South Korea	244
6	Brazil	200
7	Ukraine	165
8	Viet Nam	101
9	United States	68
10	Argentina	68

Monday, June 6, 2011

Botnet Statistics [2011-06-05]

detection period: 2011-06-05 00:00-23:59 UTC
total number of suspected botnet IPs: 2706
number of botnet IPs notified to network operators: 1929
number of blocked spams: 28652
recipient count of blocked spams: 802656

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

Rank	Network	# of suspected botnet IPs
1	HINET-NET	266
2	BSNLNET	148
3	CHINANET-GD	131
4	KORNET-KR	61
5	UKRTELNET	45
6	RCOM	38
7	CHINANET-JS	38
8	CRTC	36
9	BY-BELPAK-20091210	28
10	CTTNET	26

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

Rank	Country	# of suspected botnet IPs
1	China	509
2	India	304
3	Taiwan	278
4	Russian Federation	266
5	Brazil	154
6	Ukraine	151
7	South Korea	113
8	Argentina	64
9	United States	59
10	Kazakhstan	48

Sunday, June 5, 2011

Botnet Statistics [2011-06-04]

detection period: 2011-06-04 00:00-23:59 UTC
total number of suspected botnet IPs: 2873
number of botnet IPs notified to network operators: 2176
number of blocked spams: 47837
recipient count of blocked spams: 1510319

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

Rank	Network	# of suspected botnet IPs
1	BSNLNET	447
2	HINET-NET	273
3	CHINANET-GD	100
4	RCOM	78
5	KORNET-KR	71
6	TATACOMM-IN	64
7	UKRTELNET	44
8	CHINANET-JS	41
9	CTTNET	40
10	002.558.134/0001-58	36

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

Rank	Country	# of suspected botnet IPs
1	India	732
2	China	469
3	Taiwan	298
4	Russian Federation	223
5	Brazil	178
6	Ukraine	113
7	South Korea	104
8	Argentina	72
9	Kazakhstan	49
10	United States	45

Saturday, June 4, 2011

Botnet Statistics for May 2011

My way of counting numbers seems to screw the statistics somewhat.

I use both fake open relay and greylisting to detect botnets and compile their IP list. But only fake open relay has non-zero blocked spams. The reason: acting as open relay, it has to accept everything in its SMTP port. My greylisting never accept spam. It either rejects the mail temporarily, or if the sender retries, rejects the recipients permanently. I only count spam accepted as "blocked spam."

This might cause some discrepancies between different lists. If a certain country is mostly detected by greylisting, it might be high on the country list, but no so high on lists of both blocked spams and blocked recipients. I did not forsee this problem when I started incorporating greylisting into my statistics.

I do not intend to change my way of counting for the time being.

detection period: 2011-05-01 00:00 - 2011-05-31 23:59 UTC
total number of suspected botnet IPs: 46494
number of blocked spams: 2036931
recipient count of blocked spams: 63221233

The top 25 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

Rank	Country	# of suspected botnet IPs
1	China	15696
2	Taiwan	6309
3	India	4851
4	Russian Federation	2235
5	Brazil	1905
6	South Korea	1638
7	Ukraine	1073
8	Indonesia	988
9	Viet Nam	943
10	Argentina	774
11	Pakistan	625
12	United States	616
13	Poland	516
14	Belarus	439
15	Colombia	391
16	Romania	350
17	Kazakhstan	335
18	Chile	317
19	Spain	308
20	Serbia	296
21	Philippines	256
22	Saudi Arabia	253
23	Germany	220
24	Peru	216
25	Morocco	195

The top 25 countries (as defined by the 2-character country code), ordered by number of blocked spams are:

Rank	Country	# of blocked spams
1	China	556899
2	Taiwan	243573
3	Brazil	193970
4	Russian Federation	92351
5	United States	91660
6	India	86549
7	France	67563
8	Colombia	62517
9	Indonesia	34684
10	Germany	34366
11	Thailand	31767
12	Mexico	31042
13	Ukraine	30977
14	Poland	25883
15	South Korea	24982
16	Iran	23624
17	Argentina	23285
18	Italy	19292
19	Philippines	18619
20	Kazakhstan	16441
21	Canada	16370
22	Singapore	16190
23	Chile	16117
24	Viet Nam	12880
25	Hong Kong	12554

The top 25 countries (as defined by the 2-character country code), ordered by recipient count of blocked spams are:

Botnet Statistics [2011-06-03]

detection period: 2011-06-03 00:00-23:59 UTC
total number of suspected botnet IPs: 3052
number of botnet IPs notified to network operators: 2265
number of blocked spams: 43335
recipient count of blocked spams: 1294022

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

Rank	Network	# of suspected botnet IPs
1	BSNLNET	402
2	HINET-NET	309
3	CHINANET-GD	105
4	KORNET-KR	91
5	RCOM	57
6	UKRTELNET	55
7	TATACOMM-IN	53
8	BY-BELPAK-20091210	46
9	AR-TEAR7-LACNIC	45
10	002.558.134/0001-58	43

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

Rank	Country	# of suspected botnet IPs
1	India	680
2	China	479
3	Taiwan	328
4	Russian Federation	235
5	Brazil	209
6	South Korea	138
7	Ukraine	123
8	Argentina	85
9	Belarus	55
10	United States	44

Friday, June 3, 2011

Botnet Statistics [2011-06-02]

detection period: 2011-06-02 00:00-23:59 UTC
total number of suspected botnet IPs: 2810
number of botnet IPs notified to network operators: 2154
number of blocked spams: 42207
recipient count of blocked spams: 1282514

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

Rank	Network	# of suspected botnet IPs
1	BSNLNET	509
2	HINET-NET	222
3	CHINANET-GD	117
4	RCOM	74
5	TATACOMM-IN	60
6	UKRTELNET	57
7	KORNET-KR	54
8	HATHWAY-NET	47
9	002.558.134/0001-58	39
10	UNICOM-BJ	38

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

Rank	Country	# of suspected botnet IPs
1	India	799
2	China	495
3	Taiwan	234
4	Russian Federation	211
5	Brazil	207
6	Ukraine	103
7	South Korea	93
8	Argentina	65
9	Kazakhstan	46
10	Belarus	41

Thursday, June 2, 2011

Botnet Statistics [2011-06-01]

detection period: 2011-06-01 00:00-23:59 UTC
total number of suspected botnet IPs: 3235
number of botnet IPs notified to network operators: 2375
number of blocked spams: 42396
recipient count of blocked spams: 1210242

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

Rank	Network	# of suspected botnet IPs
1	BSNLNET	409
2	HINET-NET	290
3	KORNET-KR	125
4	CHINANET-GD	120
5	RCOM	82
6	UKRTELNET	55
7	TATACOMM-IN	52
8	CRTC	42
9	002.558.134/0001-58	41
10	VNPT-VNNIC-VN	37

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

Rank	Country	# of suspected botnet IPs
1	India	704
2	China	510
3	Taiwan	318
4	Russian Federation	271
5	Brazil	217
6	South Korea	196
7	Ukraine	139
8	Argentina	69
9	Indonesia	52
10	United States	51

Wednesday, June 1, 2011

Botnet Statistics [2011-05-31]

detection period: 2011-05-31 00:00-23:59 UTC
total number of suspected botnet IPs: 2958
number of botnet IPs notified to network operators: 2158
number of blocked spams: 46481
recipient count of blocked spams: 1378429

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

Rank	Network	# of suspected botnet IPs
1	BSNLNET	382
2	HINET-NET	307
3	CHINANET-GD	124
4	KORNET-KR	108
5	RCOM	89
6	TATACOMM-IN	45
7	AR-TEAR7-LACNIC	43
8	VNPT-VNNIC-VN	40
9	UKRTELNET	40
10	BY-BELPAK-20091210	37

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

Rank	Country	# of suspected botnet IPs
1	India	674
2	China	443
3	Taiwan	319
4	Russian Federation	241
5	Brazil	193
6	South Korea	161
7	Ukraine	90
8	Argentina	79
9	United States	69
10	Viet Nam	59