Update: this sudden increase of spam sending IPs might have something to do with this. According to BBC, a flaw in McAfee's software "Rumor Service" makes affected machines act as open relays, thus could be abused to send spam mail.
detection period: 2012-01-18 00:00-23:59 UTC
total number of suspected botnet IPs: 7407
number of botnet IPs notified to network operators: 5301
number of spam blocked: 4981
recipient count of spam blocked: 150949
The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:
| Rank | Network | # of suspected botnet IPs |
|---|---|---|
| 1 | MTNLISP | 331 |
| 2 | PTCL | 302 |
| 3 | HINET-NET | 272 |
| 4 | KORNET-KR | 263 |
| 5 | TELKOMNET | 246 |
| 6 | BSNLNET | 156 |
| 7 | BY-BELPAK-20091210 | 152 |
| 8 | VNPT-VNNIC-VN | 147 |
| 9 | PE-PETD2-LACNIC | 93 |
| 10 | PE-TPSA-LACNIC | 71 |
The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:
| Rank | Country | # of suspected botnet IPs |
|---|---|---|
| 1 | Indonesia | 928 |
| 2 | India | 813 |
| 3 | Russian Federation | 545 |
| 4 | South Korea | 440 |
| 5 | Pakistan | 358 |
| 6 | China | 331 |
| 7 | Peru | 323 |
| 8 | Taiwan | 315 |
| 9 | Poland | 298 |
| 10 | Brazil | 239 |
No comments:
Post a Comment