Custom Search

Saturday, June 30, 2018

Botnet Statistics [2018-06-29]

detection period: 2018-06-29 00:00-23:59 UTC
total number of suspected botnet IPs: 388
number of botnet IPs notified to network operators: 357
number of spam blocked: 34219
recipient count of spam blocked: 860371

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1TencentCloud12
2KORNET-KR11
3CHINANET-GD7
4CMNET5
5VNPT-VNNIC-VN4
6UNICOM-BJ4
7ONLINE_NET_DEDICATED_SERVERS4
8GOOGLE-CLOUD4
9GO-DADDY-COM-LLC4
10CHINANET-ZJ4

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China80
2United States41
3France27
4South Korea22
5Russian Federation16
6India15
7Indonesia14
8Brazil14
9Italy12
10Viet Nam10

Suspected Bot List [2018-06-29]

detection period: 2018-06-29 00:00-23:59 UTC
number of suspected bots' IPs listed here: 31

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
IT95.255.128.226Italy
VE190.202.116.101Venezuela

List from greylisting:

Friday, June 29, 2018

Botnet Statistics [2018-06-28]

detection period: 2018-06-28 00:00-23:59 UTC
total number of suspected botnet IPs: 424
number of botnet IPs notified to network operators: 383
number of spam blocked: 40251
recipient count of spam blocked: 796723

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1TencentCloud16
2KORNET-KR13
3AT-88-Z7
4GO-DADDY-COM-LLC6
5CHINANET-JS6
6CHINANET-GD5
7IE-POOL-BUSINESS-HOSTING4
8GOOGLE-CLOUD4
9FR-OVH4
10DOPI14

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China81
2United States59
3France39
4South Korea24
5Indonesia19
6India17
7Brazil17
8Russian Federation13
9Viet Nam11
10Italy11

Suspected Bot List [2018-06-28]

detection period: 2018-06-28 00:00-23:59 UTC
number of suspected bots' IPs listed here: 41

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
VE190.202.116.101Venezuela

List from greylisting:

Thursday, June 28, 2018

Botnet Statistics [2018-06-27]

detection period: 2018-06-27 00:00-23:59 UTC
total number of suspected botnet IPs: 304
number of botnet IPs notified to network operators: 275
number of spam blocked: 19956
recipient count of spam blocked: 390837

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1TencentCloud11
2CHINANET-JS7
3CHINANET-GD7
4KORNET-KR6
5HO-24
6CHINANET-JX4
7Baidu4
8AT-88-Z4
9broadNnet-KR3
10VNPT-VNNIC-VN3

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China70
2United States35
3France29
4South Korea16
5Italy14
6India13
7Indonesia13
8Brazil11
9Germany9
10Viet Nam8

Suspected Bot List [2018-06-27]

detection period: 2018-06-27 00:00-23:59 UTC
number of suspected bots' IPs listed here: 29

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
VE190.202.116.101Venezuela

List from greylisting:

Wednesday, June 27, 2018

Botnet Statistics for May 2018

detection period: 2018-05-01 00:00 - 2018-05-31 23:59 UTC
total number of suspected botnet IPs: 5160
number of blocked spams: 737690
recipient count of blocked spams: 18694694

The top 25 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China957
2United States680
3France392
4Brazil233
5Germany229
6Russian Federation227
7Viet Nam226
8South Korea184
9Italy151
10India145
11United Kingdom102
12Thailand91
13Canada91
14Indonesia90
15Colombia81
16Netherlands69
17Ecuador62
18Taiwan60
19Ukraine53
20Mexico53
21Egypt50
22Poland43
23Japan43
24Malaysia42
25Hong Kong37

The top 23 countries (as defined by the 2-character country code), ordered by number of blocked spams are:

RankCountry# of blocked spams
1China479412
2Turkey108282
3South Korea44618
4United States37363
5Venezuela28048
6Tunisia19404
7Colombia10990
8Viet Nam3101
9Belarus2688
10ZZ1493
11Hungary1187
12India681
13Czech Republic167
14Netherlands164
15Paraguay46
16Fiji20
17France10
18Nigeria5
19Canada4
20Germany3
21Russian Federation2
22Hong Kong1
23Brazil1

The top 23 countries (as defined by the 2-character country code), ordered by recipient count of blocked spams are:

Botnet Statistics [2018-06-26]

detection period: 2018-06-26 00:00-23:59 UTC
total number of suspected botnet IPs: 422
number of botnet IPs notified to network operators: 381
number of spam blocked: 15573
recipient count of spam blocked: 374942

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1TencentCloud20
2KORNET-KR12
3GOOGLE-CLOUD7
4TENCENT-CN6
5AT-88-Z6
6broadNnet-KR5
7FR-OVH5
8DOPI15
9IE-POOL-BUSINESS-HOSTING4
10CO-ACSA-LACNIC4

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China74
2United States62
3France36
4South Korea24
5Brazil21
6Italy17
7Indonesia14
8India13
9Germany12
10United Kingdom11

Suspected Bot List [2018-06-26]

detection period: 2018-06-26 00:00-23:59 UTC
number of suspected bots' IPs listed here: 41

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:

Tuesday, June 26, 2018

Botnet Statistics [2018-06-25]

detection period: 2018-06-25 00:00-23:59 UTC
total number of suspected botnet IPs: 311
number of botnet IPs notified to network operators: 284
number of spam blocked: 15097
recipient count of spam blocked: 371420

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1KORNET-KR11
2CHINANET-JS7
3TencentCloud6
4TELKOMNET5
5CO-ACSA-LACNIC5
6AT-88-Z5
7MSFT4
8IE-POOL-BUSINESS-HOSTING4
9CHINANET-JX4
10UNICOM-LN3

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China70
2United States35
3France25
4South Korea17
5Italy14
6Indonesia14
7Germany12
8India11
9Brazil11
10Russian Federation10

Suspected Bot List [2018-06-25]

detection period: 2018-06-25 00:00-23:59 UTC
number of suspected bots' IPs listed here: 27

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:

Monday, June 25, 2018

Botnet Statistics [2018-06-24]

detection period: 2018-06-24 00:00-23:59 UTC
total number of suspected botnet IPs: 223
number of botnet IPs notified to network operators: 200
number of spam blocked: 12320
recipient count of spam blocked: 369049

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1TencentCloud9
2CMNET7
3AT-88-Z7
4UNKNOWN5
5CHINANET-GD5
6CHINANET-JX4
7OVH3
8KORNET-KR3
9CHINANET-ZJ3
10CHINANET-JS3

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China73
2United States23
3India12
4France12
5Russian Federation9
6Germany8
7South Korea7
8Italy7
9Indonesia7
10Singapore5

Suspected Bot List [2018-06-24]

detection period: 2018-06-24 00:00-23:59 UTC
number of suspected bots' IPs listed here: 23

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:

Sunday, June 24, 2018

Botnet Statistics [2018-06-23]

detection period: 2018-06-23 00:00-23:59 UTC
total number of suspected botnet IPs: 473
number of botnet IPs notified to network operators: 429
number of spam blocked: 20107
recipient count of spam blocked: 439273

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1TencentCloud19
2KORNET-KR16
3CHINANET-JS8
4AT-88-Z8
5GOOGLE-CLOUD6
6NON-RIPE-NCC-MANAGED-ADDRESS-BLOCK5
7FR-OVH5
8DOPI15
9CHINANET-GD5
10broadNnet-KR4

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China91
2United States61
3France40
4South Korea31
5India23
6Indonesia19
7Germany19
8Italy15
9United Kingdom14
10Russian Federation13

Suspected Bot List [2018-06-23]

detection period: 2018-06-23 00:00-23:59 UTC
number of suspected bots' IPs listed here: 44

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:

Saturday, June 23, 2018

Botnet Statistics [2018-06-22]

detection period: 2018-06-22 00:00-23:59 UTC
total number of suspected botnet IPs: 362
number of botnet IPs notified to network operators: 325
number of spam blocked: 30001
recipient count of spam blocked: 813700

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1TencentCloud17
2AT-88-Z9
3TELKOMNET6
4CMNET6
5NON-RIPE-NCC-MANAGED-ADDRESS-BLOCK5
6MSFT5
7KORNET-KR5
8FR-OVH5
9CHINANET-JS5
10broadNnet-KR4

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China92
2United States53
3France32
4South Korea16
5India16
6Brazil14
7Germany13
8Italy11
9Viet Nam10
10Russian Federation9

Suspected Bot List [2018-06-22]

detection period: 2018-06-22 00:00-23:59 UTC
number of suspected bots' IPs listed here: 37

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
CA167.114.136.14Canada

List from greylisting:

Friday, June 22, 2018

Botnet Statistics [2018-06-21]

detection period: 2018-06-21 00:00-23:59 UTC
total number of suspected botnet IPs: 428
number of botnet IPs notified to network operators: 396
number of spam blocked: 31306
recipient count of spam blocked: 817148

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1KORNET-KR22
2TencentCloud19
3CMNET9
4GO-DADDY-COM-LLC6
5FR-OVH6
6CHINANET-GD6
7Baidu6
8broadNnet-KR5
9CHINANET-JS5
10AT-88-Z4

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China118
2United States48
3France38
4South Korea37
5Italy18
6Brazil18
7India17
8United Kingdom11
9Indonesia10
10Canada9

Suspected Bot List [2018-06-21]

detection period: 2018-06-21 00:00-23:59 UTC
number of suspected bots' IPs listed here: 32

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:

Thursday, June 21, 2018

Botnet Statistics [2018-06-20]

detection period: 2018-06-20 00:00-23:59 UTC
total number of suspected botnet IPs: 343
number of botnet IPs notified to network operators: 311
number of spam blocked: 34060
recipient count of spam blocked: 819525

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1KORNET-KR13
2CMNET10
3CHINANET-JS8
4TencentCloud7
5CO-ACSA-LACNIC6
6HINET-NET5
7FR-OVH5
8CHINANET-JX4
9BSNLNET4
10AT-88-Z4

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China89
2United States33
3South Korea24
4France24
5Brazil21
6Italy12
7India12
8Indonesia12
9Colombia9
10Thailand8

Suspected Bot List [2018-06-20]

detection period: 2018-06-20 00:00-23:59 UTC
number of suspected bots' IPs listed here: 32

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:

Wednesday, June 20, 2018

Botnet Statistics [2018-06-19]

detection period: 2018-06-19 00:00-23:59 UTC
total number of suspected botnet IPs: 230
number of botnet IPs notified to network operators: 217
number of spam blocked: 36302
recipient count of spam blocked: 772711

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1KORNET-KR6
2CHINANET-ZJ6
3TencentCloud5
4CMNET5
5CHINANET-JX5
6EC-CNGG-LACNIC4
7CHINANET-JS4
8VNPT-VNNIC-VN3
9IT-TIN-200702213
10EC-TESA-LACNIC3

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China56
2United States26
3France15
4South Korea11
5Brazil11
6Russian Federation10
7Italy10
8Ecuador9
9India8
10Viet Nam4

Suspected Bot List [2018-06-19]

detection period: 2018-06-19 00:00-23:59 UTC
number of suspected bots' IPs listed here: 13

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
LB213.165.37.56Lebanon

List from greylisting:

Tuesday, June 19, 2018

Botnet Statistics [2018-06-18]

detection period: 2018-06-18 00:00-23:59 UTC
total number of suspected botnet IPs: 321
number of botnet IPs notified to network operators: 292
number of spam blocked: 34726
recipient count of spam blocked: 777253

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1TencentCloud24
2CMNET9
3CHINANET-JS7
4TENCENT-CN6
5KORNET-KR6
6Baidu6
7broadNnet-KR4
8UNICOM-LN3
9UCLOUD-NET3
10GO-DADDY-COM-LLC3

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China102
2United States49
3South Korea16
4France14
5Brazil14
6India12
7Thailand8
8Russian Federation8
9Ecuador8
10Italy7

Suspected Bot List [2018-06-18]

detection period: 2018-06-18 00:00-23:59 UTC
number of suspected bots' IPs listed here: 29

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
VE190.202.116.101Venezuela

List from greylisting:

Monday, June 18, 2018

Botnet Statistics [2018-06-17]

detection period: 2018-06-17 00:00-23:59 UTC
total number of suspected botnet IPs: 516
number of botnet IPs notified to network operators: 482
number of spam blocked: 12662
recipient count of spam blocked: 379338

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1TencentCloud27
2KORNET-KR19
3FR-OVH9
4VNPT-VNNIC-VN7
5FR-OVH-200609206
6CHINANET-JS6
7CMNET5
8CHINANET-ZJ5
9CHINANET-GD5
10broadNnet-KR4

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China111
2United States74
3France49
4South Korea31
5Brazil21
6Italy17
7India17
8Viet Nam15
9Russian Federation14
10Thailand12

Suspected Bot List [2018-06-17]

detection period: 2018-06-17 00:00-23:59 UTC
number of suspected bots' IPs listed here: 34

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:

Sunday, June 17, 2018

Botnet Statistics [2018-06-16]

detection period: 2018-06-16 00:00-23:59 UTC
total number of suspected botnet IPs: 233
number of botnet IPs notified to network operators: 214
number of spam blocked: 25517
recipient count of spam blocked: 764553

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1CMNET9
2CHINANET-ZJ7
3TencentCloud6
4FR-OVH4
5EC-TESA-LACNIC4
6EC-CNQG-LACNIC4
7CHINANET-GD4
8OVH3
9KORNET-KR3
10KIDC-KR3

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China60
2United States22
3France22
4Brazil12
5India11
6Ecuador10
7South Korea8
8Indonesia8
9Germany7
10Canada7

Suspected Bot List [2018-06-16]

detection period: 2018-06-16 00:00-23:59 UTC
number of suspected bots' IPs listed here: 19

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:

Saturday, June 16, 2018

Botnet Statistics [2018-06-15]

detection period: 2018-06-15 00:00-23:59 UTC
total number of suspected botnet IPs: 274
number of botnet IPs notified to network operators: 254
number of spam blocked: 32927
recipient count of spam blocked: 123726

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1TencentCloud9
2CHINANET-JS8
3KORNET-KR7
4CMNET7
5EC-TESA-LACNIC6
6CHINANET-ZJ5
7CHINANET-JX4
8CHINANET-GD4
9CABLE-14
10BT-INFRA4

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China86
2United States35
3France19
4South Korea11
5India11
6United Kingdom10
7Ecuador10
8Russian Federation9
9Thailand6
10Netherlands6

Suspected Bot List [2018-06-15]

detection period: 2018-06-15 00:00-23:59 UTC
number of suspected bots' IPs listed here: 20

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:

Friday, June 15, 2018

Botnet Statistics [2018-06-14]

detection period: 2018-06-14 00:00-23:59 UTC
total number of suspected botnet IPs: 274
number of botnet IPs notified to network operators: 251
number of spam blocked: 26660
recipient count of spam blocked: 737711

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1KORNET-KR12
2TencentCloud7
3CMNET6
4HINET-NET5
5CHINANET-SH4
6CHINANET-GD4
7VNPT-VNNIC-VN3
8UNICOM-CN3
9THAINET-TH3
10OVH3

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China69
2France30
3United States22
4South Korea16
5Russian Federation10
6India10
7Brazil9
8Viet Nam7
9Taiwan7
10Germany7

Suspected Bot List [2018-06-14]

detection period: 2018-06-14 00:00-23:59 UTC
number of suspected bots' IPs listed here: 24

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:

Thursday, June 14, 2018

Botnet Statistics [2018-06-13]

detection period: 2018-06-13 00:00-23:59 UTC
total number of suspected botnet IPs: 301
number of botnet IPs notified to network operators: 277
number of spam blocked: 31328
recipient count of spam blocked: 746912

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1TencentCloud16
2KORNET-KR11
3CABLE-15
4broadNnet-KR4
5NAZWAPL4
6EC-TESA-LACNIC4
7CO-ACSA-LACNIC4
8CHINANET-JS4
9TENCENT-CN3
10IUNET43

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China63
2United States39
3France23
4South Korea20
5Germany13
6Russian Federation12
7India10
8Brazil10
9Viet Nam9
10Poland7

Suspected Bot List [2018-06-13]

detection period: 2018-06-13 00:00-23:59 UTC
number of suspected bots' IPs listed here: 24

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
US72.174.238.50United States

List from greylisting:

Wednesday, June 13, 2018

Botnet Statistics [2018-06-12]

detection period: 2018-06-12 00:00-23:59 UTC
total number of suspected botnet IPs: 430
number of botnet IPs notified to network operators: 399
number of spam blocked: 27480
recipient count of spam blocked: 789366

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1TencentCloud17
2KORNET-KR14
3VNPT-VNNIC-VN7
4CO-ACSA-LACNIC6
5CHINANET-JS5
6AT-88-Z5
7broadNnet-KR4
8UNICOM-LN4
9HOSTWAY-054
10GO-DADDY-COM-LLC4

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China72
2United States55
3France38
4South Korea27
5India19
6Russian Federation17
7Brazil16
8Viet Nam13
9Italy11
10Indonesia11

Suspected Bot List [2018-06-12]

detection period: 2018-06-12 00:00-23:59 UTC
number of suspected bots' IPs listed here: 31

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
VE190.202.116.101Venezuela

List from greylisting:

Tuesday, June 12, 2018

Botnet Statistics [2018-06-11]

detection period: 2018-06-11 00:00-23:59 UTC
total number of suspected botnet IPs: 201
number of botnet IPs notified to network operators: 188
number of spam blocked: 18374
recipient count of spam blocked: 444804

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1CHINANET-JS7
2KORNET-KR6
3VNPT-VNNIC-VN3
4UNICOM-CN3
5TencentCloud3
6HINET-NET3
7FR-OVH-201203203
8CHINANET-JX3
9CHINANET-AH3
10Bofinet-Wifi-FTTx3

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China36
2United States24
3France20
4South Korea13
5Brazil12
6Russian Federation10
7Italy7
8Viet Nam6
9Indonesia6
10Ukraine4

Suspected Bot List [2018-06-11]

detection period: 2018-06-11 00:00-23:59 UTC
number of suspected bots' IPs listed here: 13

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
VE190.202.116.101Venezuela

List from greylisting:

Monday, June 11, 2018

Botnet Statistics [2018-06-10]

detection period: 2018-06-10 00:00-23:59 UTC
total number of suspected botnet IPs: 142
number of botnet IPs notified to network operators: 131
number of spam blocked: 11978
recipient count of spam blocked: 397114

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1CHINANET-JS6
2KORNET-KR5
3VNPT-VNNIC-VN4
4HINET-NET4
5EC-ANSA-LACNIC4
6CHINANET-ZJ3
7CHINANET-GD3
8UNICOM-LN2
9UNICOM-CN2
10TN-ATI-200612122

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China30
2United States19
3France12
4Viet Nam8
5Russian Federation8
6South Korea8
7Taiwan4
8Netherlands4
9Ecuador4
10Italy3

Suspected Bot List [2018-06-10]

detection period: 2018-06-10 00:00-23:59 UTC
number of suspected bots' IPs listed here: 11

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
VE190.202.116.101Venezuela

List from greylisting:

Sunday, June 10, 2018

Botnet Statistics [2018-06-09]

detection period: 2018-06-09 00:00-23:59 UTC
total number of suspected botnet IPs: 183
number of botnet IPs notified to network operators: 166
number of spam blocked: 12453
recipient count of spam blocked: 373184

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1TencentCloud8
2KORNET-KR6
3HINET-NET5
4CHINANET-JS5
5FR-OVH-201505223
6CHINANET-ZJ3
7VNPT-VNNIC-VN2
8UNICOM-CN2
9STRATO-RZG-DED2
10LAOTELECOM2

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China42
2United States19
3France14
4Brazil10
5South Korea9
6Russian Federation7
7Germany6
8Taiwan5
9Italy5
10Colombia5

Suspected Bot List [2018-06-09]

detection period: 2018-06-09 00:00-23:59 UTC
number of suspected bots' IPs listed here: 17

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
VE190.202.116.101Venezuela

List from greylisting:

Saturday, June 9, 2018

Botnet Statistics [2018-06-08]

detection period: 2018-06-08 00:00-23:59 UTC
total number of suspected botnet IPs: 232
number of botnet IPs notified to network operators: 213
number of spam blocked: 11152
recipient count of spam blocked: 334009

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1TencentCloud11
2CHINANET-JS7
3KORNET-KR6
4VNPT-VNNIC-VN5
5CABLE-14
6TimeNet3
7CHINANET-GD3
8BORANET-KR3
9TENCENT-CN2
10TEDATA-201503192

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China62
2United States23
3South Korea14
4France12
5Brazil9
6Viet Nam8
7Italy8
8India8
9Russian Federation7
10Germany7

Suspected Bot List [2018-06-08]

detection period: 2018-06-08 00:00-23:59 UTC
number of suspected bots' IPs listed here: 19

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
VE190.202.116.101Venezuela

List from greylisting:

Friday, June 8, 2018

Botnet Statistics [2018-06-07]

detection period: 2018-06-07 00:00-23:59 UTC
total number of suspected botnet IPs: 485
number of botnet IPs notified to network operators: 441
number of spam blocked: 10633
recipient count of spam blocked: 318546

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1TencentCloud13
2KORNET-KR10
3broadNnet-KR9
4VNPT-VNNIC-VN9
5CHINANET-GD9
6HINET-NET6
7CO-ACSA-LACNIC6
8CMNET6
9AT-88-Z6
10FR-OVH5

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China84
2United States60
3France40
4South Korea30
5Brazil21
6Russian Federation20
7Indonesia18
8India16
9Viet Nam14
10Canada14

Suspected Bot List [2018-06-07]

detection period: 2018-06-07 00:00-23:59 UTC
number of suspected bots' IPs listed here: 45

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
US72.174.238.50United States
VE190.202.116.101Venezuela

List from greylisting:

Thursday, June 7, 2018

Botnet Statistics [2018-06-06]

detection period: 2018-06-06 00:00-23:59 UTC
total number of suspected botnet IPs: 487
number of botnet IPs notified to network operators: 443
number of spam blocked: 61485
recipient count of spam blocked: 573568

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1TencentCloud19
2KORNET-KR14
3CHINANET-JS11
4CHINANET-ZJ10
5CO-ACSA-LACNIC8
6CHINANET-GD7
7HINET-NET6
8VNPT-VNNIC-VN5
9BSNLNET5
10broadNnet-KR4

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China119
2United States42
3France37
4South Korea28
5Brazil25
6Italy23
7India17
8Russian Federation16
9Viet Nam15
10Germany15

Suspected Bot List [2018-06-06]

detection period: 2018-06-06 00:00-23:59 UTC
number of suspected bots' IPs listed here: 44

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
CA167.114.136.14Canada
VE190.202.116.101Venezuela

List from greylisting:

Wednesday, June 6, 2018

Botnet Statistics [2018-06-05]

detection period: 2018-06-05 00:00-23:59 UTC
total number of suspected botnet IPs: 417
number of botnet IPs notified to network operators: 378
number of spam blocked: 11387
recipient count of spam blocked: 424190

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1TencentCloud14
2KORNET-KR12
3broadNnet-KR6
4VNPT-VNNIC-VN5
5MSFT4
6KRNIC-KR4
7HINET-NET4
8GOOGLE-CLOUD4
9FR-OVH4
10DOPI14

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China63
2United States50
3France33
4Brazil30
5South Korea28
6India17
7Italy16
8Russian Federation15
9Indonesia15
10United Kingdom12

Suspected Bot List [2018-06-05]

detection period: 2018-06-05 00:00-23:59 UTC
number of suspected bots' IPs listed here: 39

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
VE190.202.116.101Venezuela

List from greylisting:

Tuesday, June 5, 2018

Botnet Statistics [2018-06-04]

detection period: 2018-06-04 00:00-23:59 UTC
total number of suspected botnet IPs: 212
number of botnet IPs notified to network operators: 196
number of spam blocked: 2212
recipient count of spam blocked: 66273

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1KORNET-KR7
2TencentCloud6
3broadNnet-KR4
4VNPT-VNNIC-VN4
5TELKOMNET3
6MX-IPMS2-LACNIC3
7DOPI13
8CHINANET-JS3
9TENCENT-CN2
10TEDATA-201503192

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China31
2United States21
3South Korea16
4France16
5Viet Nam11
6Brazil11
7Russian Federation10
8India9
9Indonesia9
10United Kingdom7

Suspected Bot List [2018-06-04]

detection period: 2018-06-04 00:00-23:59 UTC
number of suspected bots' IPs listed here: 16

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
VE190.202.116.101Venezuela

List from greylisting:

Monday, June 4, 2018

Botnet Statistics [2018-06-03]

detection period: 2018-06-03 00:00-23:59 UTC
total number of suspected botnet IPs: 297
number of botnet IPs notified to network operators: 273
number of spam blocked: 2317
recipient count of spam blocked: 69365

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1TencentCloud10
2KORNET-KR10
3broadNnet-KR6
4GO-DADDY-COM-LLC4
5FR-OVH4
6003.420.926/0002-054
7hcmccable-net3
8UNICOM-BJ3
9OVH3
10NETVIGATOR3

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China47
2United States40
3France25
4South Korea21
5India13
6Brazil13
7Russian Federation11
8Canada9
9Italy8
10Germany8

Suspected Bot List [2018-06-03]

detection period: 2018-06-03 00:00-23:59 UTC
number of suspected bots' IPs listed here: 24

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:

Sunday, June 3, 2018

Botnet Statistics [2018-06-02]

detection period: 2018-06-02 00:00-23:59 UTC
total number of suspected botnet IPs: 303
number of botnet IPs notified to network operators: 276
number of spam blocked: 7319
recipient count of spam blocked: 219222

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1TencentCloud12
2CHINANET-JS9
3KORNET-KR7
4EVN-FO5
5CMNET5
6VNPT-VNNIC-VN4
7TENCENT-CN4
8TATACOMM-IN4
9broadNnet-KR3
10UNICOM-CN3

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China66
2United States35
3South Korea18
4France18
5Brazil18
6India14
7Russian Federation13
8Viet Nam9
9Germany9
10United Kingdom8

Suspected Bot List [2018-06-02]

detection period: 2018-06-02 00:00-23:59 UTC
number of suspected bots' IPs listed here: 27

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
VE190.202.116.101Venezuela

List from greylisting:

Saturday, June 2, 2018

Botnet Statistics [2018-06-01]

detection period: 2018-06-01 00:00-23:59 UTC
total number of suspected botnet IPs: 314
number of botnet IPs notified to network operators: 288
number of spam blocked: 7890
recipient count of spam blocked: 179309

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1TencentCloud10
2CMNET9
3KORNET-KR7
4CHINANET-JS6
5TENCENT-CN5
6CHINANET-SH5
7VNPT-VNNIC-VN4
8FR-OVH4
9CHINANET-JX4
10Baidu4

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China83
2United States34
3France18
4Russian Federation17
5South Korea15
6Brazil12
7Italy9
8India9
9Germany8
10Viet Nam7

Suspected Bot List [2018-06-01]

detection period: 2018-06-01 00:00-23:59 UTC
number of suspected bots' IPs listed here: 26

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
VE190.202.116.101Venezuela

List from greylisting:

Friday, June 1, 2018

Botnet Statistics [2018-05-31]

detection period: 2018-05-31 00:00-23:59 UTC
total number of suspected botnet IPs: 411
number of botnet IPs notified to network operators: 385
number of spam blocked: 16407
recipient count of spam blocked: 173819

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1TencentCloud20
2CHINANET-JS13
3broadNnet-KR9
4KORNET-KR9
5CO-ACSA-LACNIC9
6HINET-NET7
7CMNET5
8CHINANET-ZJ5
9HOSTWAY-054
10GO-DADDY-COM-LLC4

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China107
2United States54
3South Korea26
4France25
5Russian Federation16
6Brazil16
7Colombia12
8Indonesia11
9Taiwan9
10Netherlands9

Suspected Bot List [2018-05-31]

detection period: 2018-05-31 00:00-23:59 UTC
number of suspected bots' IPs listed here: 27

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
VE190.202.116.101Venezuela

List from greylisting: