Custom Search

Monday, December 31, 2018

Botnet Statistics [2018-12-30]

detection period: 2018-12-30 00:00-23:59 UTC
total number of suspected botnet IPs: 8887
number of botnet IPs notified to network operators: 8051
number of spam blocked: 4
recipient count of spam blocked: 4

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1VNPT-VNNIC-VN344
2HINET-NET205
3TELKOMNET147
4TencentCloud128
5VE-CSVE-LACNIC106
6CHINANET-JS84
7CHINANET-GD79
8MX-USCV4-LACNIC74
9CMNET73
10UNKNOWN65

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China1435
2United States961
3Viet Nam654
4Russian Federation609
5Brazil491
6Indonesia386
7India363
8France330
9Taiwan284
10Thailand171

Suspected Bot List [2018-12-30]

detection period: 2018-12-30 00:00-23:59 UTC
number of suspected bots' IPs listed here: 836

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:

Sunday, December 30, 2018

Botnet Statistics [2018-12-29]

detection period: 2018-12-29 00:00-23:59 UTC
total number of suspected botnet IPs: 8064
number of botnet IPs notified to network operators: 7281
number of spam blocked: 12
recipient count of spam blocked: 302

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1VNPT-VNNIC-VN271
2TELKOMNET132
3HINET-NET124
4TencentCloud97
5CMNET89
6CHINANET-GD84
7CHINANET-JS79
8VE-CSVE-LACNIC70
9UNKNOWN70
10BEAMTELE-IN64

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China1412
2United States946
3Viet Nam541
4Russian Federation504
5India470
6Brazil404
7Indonesia307
8France290
9Taiwan193
10South Korea185

Suspected Bot List [2018-12-29]

detection period: 2018-12-29 00:00-23:59 UTC
number of suspected bots' IPs listed here: 784

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:

Saturday, December 29, 2018

Botnet Statistics [2018-12-28]

detection period: 2018-12-28 00:00-23:59 UTC
total number of suspected botnet IPs: 7916
number of botnet IPs notified to network operators: 7201
number of spam blocked: 0
recipient count of spam blocked: 0

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1VNPT-VNNIC-VN332
2TELKOMNET148
3HINET-NET120
4AT-88-Z101
5TencentCloud94
6CMNET88
7VE-CSVE-LACNIC73
8AMAZON-2011L71
9CHINANET-GD69
10BHARTI-IN67

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China1213
2United States978
3Viet Nam638
4Russian Federation526
5India460
6Brazil413
7Indonesia374
8France303
9Taiwan195
10South Korea156

Suspected Bot List [2018-12-28]

detection period: 2018-12-28 00:00-23:59 UTC
number of suspected bots' IPs listed here: 715

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:

Friday, December 28, 2018

Botnet Statistics [2018-12-27]

detection period: 2018-12-27 00:00-23:59 UTC
total number of suspected botnet IPs: 4129
number of botnet IPs notified to network operators: 3809
number of spam blocked: 672
recipient count of spam blocked: 20044

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1TencentCloud75
2CMNET73
3AT-88-Z65
4CHINANET-GD63
5CHINANET-JS57
6UNKNOWN48
7KORNET-KR48
8TENCENT-CN46
9HINET-NET38
10DO-1338

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China1026
2United States702
3Russian Federation232
4Brazil165
5France161
6South Korea119
7Netherlands106
8Viet Nam103
9India103
10Italy95

Suspected Bot List [2018-12-27]

detection period: 2018-12-27 00:00-23:59 UTC
number of suspected bots' IPs listed here: 320

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:

Thursday, December 27, 2018

Botnet Statistics [2018-12-26]

detection period: 2018-12-26 00:00-23:59 UTC
total number of suspected botnet IPs: 4426
number of botnet IPs notified to network operators: 4086
number of spam blocked: 1288
recipient count of spam blocked: 38524

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1CMNET88
2TencentCloud72
3CHINANET-JS72
4KORNET-KR63
5CHINANET-GD56
6UNKNOWN50
7VNPT-VNNIC-VN48
8HINET-NET47
9TENCENT-CN39
10Baidu36

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China1123
2United States681
3Russian Federation231
4France175
5Brazil163
6South Korea150
7India134
8Viet Nam114
9Netherlands106
10Italy83

Suspected Bot List [2018-12-26]

detection period: 2018-12-26 00:00-23:59 UTC
number of suspected bots' IPs listed here: 342

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:

Wednesday, December 26, 2018

Botnet Statistics [2018-12-25]

detection period: 2018-12-25 00:00-23:59 UTC
total number of suspected botnet IPs: 4355
number of botnet IPs notified to network operators: 4003
number of spam blocked: 1269
recipient count of spam blocked: 37925

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1CMNET103
2TencentCloud80
3CHINANET-GD79
4CHINANET-JS70
5UNKNOWN59
6KORNET-KR56
7TENCENT-CN55
8002.558.157/0001-6249
9HINET-NET43
10Baidu42

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China1149
2United States659
3Russian Federation247
4Brazil186
5France172
6South Korea140
7Netherlands108
8India105
9Viet Nam99
10Taiwan82

Suspected Bot List [2018-12-25]

detection period: 2018-12-25 00:00-23:59 UTC
number of suspected bots' IPs listed here: 355

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:

Tuesday, December 25, 2018

Botnet Statistics [2018-12-24]

detection period: 2018-12-24 00:00-23:59 UTC
total number of suspected botnet IPs: 4548
number of botnet IPs notified to network operators: 4228
number of spam blocked: 2034
recipient count of spam blocked: 61020

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1CMNET104
2TencentCloud94
3CHINANET-JS69
4CHINANET-GD67
5TENCENT-CN58
6KORNET-KR56
7HINET-NET51
8002.558.157/0001-6241
9Baidu40
10CHINANET-ZJ39

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China1222
2United States741
3Russian Federation194
4France194
5Brazil188
6South Korea146
7India128
8Netherlands103
9Hong Kong97
10Viet Nam94

Suspected Bot List [2018-12-24]

detection period: 2018-12-24 00:00-23:59 UTC
number of suspected bots' IPs listed here: 328

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:

Monday, December 24, 2018

Botnet Statistics [2018-12-23]

detection period: 2018-12-23 00:00-23:59 UTC
total number of suspected botnet IPs: 4866
number of botnet IPs notified to network operators: 4490
number of spam blocked: 1475
recipient count of spam blocked: 44250

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1TencentCloud119
2CMNET82
3KORNET-KR74
4CHINANET-JS74
5CHINANET-GD70
6TENCENT-CN55
7Baidu49
8UNKNOWN46
9HINET-NET44
10DO-1342

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China1214
2United States822
3France250
4Russian Federation225
5Brazil186
6South Korea154
7Netherlands135
8India128
9Viet Nam90
10Hong Kong90

Suspected Bot List [2018-12-23]

detection period: 2018-12-23 00:00-23:59 UTC
number of suspected bots' IPs listed here: 384

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:

Sunday, December 23, 2018

Botnet Statistics [2018-12-22]

detection period: 2018-12-22 00:00-23:59 UTC
total number of suspected botnet IPs: 4175
number of botnet IPs notified to network operators: 3874
number of spam blocked: 1466
recipient count of spam blocked: 43951

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1TencentCloud83
2CMNET82
3CHINANET-GD71
4CHINANET-JS60
5KORNET-KR59
6TENCENT-CN55
7HINET-NET46
8DO-1340
9002.558.157/0001-6240
10CHINANET-ZJ35

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China1090
2United States643
3Russian Federation201
4Brazil180
5France175
6South Korea130
7India120
8Netherlands93
9Viet Nam90
10Taiwan80

Suspected Bot List [2018-12-22]

detection period: 2018-12-22 00:00-23:59 UTC
number of suspected bots' IPs listed here: 309

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:

Saturday, December 22, 2018

Botnet Statistics [2018-12-21]

detection period: 2018-12-21 00:00-23:59 UTC
total number of suspected botnet IPs: 4130
number of botnet IPs notified to network operators: 3809
number of spam blocked: 1257
recipient count of spam blocked: 37681

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1TencentCloud86
2CMNET76
3CHINANET-JS69
4CHINANET-GD57
5KORNET-KR55
6UNICOM-HA42
7HINET-NET41
8002.558.157/0001-6240
9CHINANET-SH39
10TENCENT-CN38

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China1153
2United States643
3Russian Federation162
4France159
5Brazil156
6South Korea119
7India116
8Viet Nam92
9Netherlands92
10Italy87

Suspected Bot List [2018-12-21]

detection period: 2018-12-21 00:00-23:59 UTC
number of suspected bots' IPs listed here: 322

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:

Friday, December 21, 2018

Botnet Statistics [2018-12-20]

detection period: 2018-12-20 00:00-23:59 UTC
total number of suspected botnet IPs: 4563
number of botnet IPs notified to network operators: 4222
number of spam blocked: 1316
recipient count of spam blocked: 39480

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1TencentCloud87
2CMNET74
3CHINANET-JS63
4AT-88-Z56
5KORNET-KR54
6CHINANET-GD54
7HINET-NET53
8TENCENT-CN45
9002.558.157/0001-6240
10CHINANET-SC38

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China1070
2United States789
3France260
4Russian Federation200
5Brazil197
6South Korea130
7India124
8Netherlands113
9Viet Nam98
10Taiwan87

Suspected Bot List [2018-12-20]

detection period: 2018-12-20 00:00-23:59 UTC
number of suspected bots' IPs listed here: 342

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:

Thursday, December 20, 2018

Botnet Statistics [2018-12-19]

detection period: 2018-12-19 00:00-23:59 UTC
total number of suspected botnet IPs: 4574
number of botnet IPs notified to network operators: 4222
number of spam blocked: 1253
recipient count of spam blocked: 37594

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1TencentCloud80
2CMNET77
3CHINANET-JS71
4CHINANET-GD59
5KORNET-KR55
6AT-88-Z48
7002.558.157/0001-6245
8HINET-NET44
9UNKNOWN41
10TENCENT-CN40

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China1031
2United States806
3France262
4Russian Federation225
5Brazil184
6India140
7South Korea127
8Viet Nam115
9Netherlands109
10Indonesia96

Suspected Bot List [2018-12-19]

detection period: 2018-12-19 00:00-23:59 UTC
number of suspected bots' IPs listed here: 352

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:

Wednesday, December 19, 2018

Botnet Statistics [2018-12-18]

detection period: 2018-12-18 00:00-23:59 UTC
total number of suspected botnet IPs: 4604
number of botnet IPs notified to network operators: 4244
number of spam blocked: 1156
recipient count of spam blocked: 34680

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1TencentCloud92
2CHINANET-JS75
3KORNET-KR67
4CMNET60
5HINET-NET50
6CHINANET-GD50
7UNKNOWN44
8002.558.157/0001-6242
9DO-1340
10TENCENT-CN38

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China1017
2United States760
3France282
4Brazil223
5Russian Federation218
6South Korea141
7India128
8Netherlands112
9Indonesia104
10Viet Nam102

Suspected Bot List [2018-12-18]

detection period: 2018-12-18 00:00-23:59 UTC
number of suspected bots' IPs listed here: 360

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:

Tuesday, December 18, 2018

Botnet Statistics [2018-12-17]

detection period: 2018-12-17 00:00-23:59 UTC
total number of suspected botnet IPs: 4155
number of botnet IPs notified to network operators: 3839
number of spam blocked: 10
recipient count of spam blocked: 300

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1TencentCloud72
2CMNET59
3KORNET-KR54
4CHINANET-JS51
5CHINANET-GD46
6TENCENT-CN44
7HINET-NET41
8DO-1338
9AT-88-Z38
10MX-USCV4-LACNIC34

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China974
2United States682
3France224
4Russian Federation193
5Brazil172
6India119
7South Korea111
8Netherlands88
9Viet Nam85
10Hong Kong81

Suspected Bot List [2018-12-17]

detection period: 2018-12-17 00:00-23:59 UTC
number of suspected bots' IPs listed here: 316

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:

Monday, December 17, 2018

Botnet Statistics [2018-12-16]

detection period: 2018-12-16 00:00-23:59 UTC
total number of suspected botnet IPs: 4261
number of botnet IPs notified to network operators: 3962
number of spam blocked: 1985
recipient count of spam blocked: 59550

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1TencentCloud90
2KORNET-KR73
3CHINANET-JS67
4CHINANET-GD64
5CMNET60
6HINET-NET51
7TENCENT-CN49
8002.558.157/0001-6240
9CHINANET-SC37
10DO-1332

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China1014
2United States738
3France230
4Russian Federation202
5Brazil175
6South Korea141
7India107
8Netherlands101
9Hong Kong96
10Italy84

Suspected Bot List [2018-12-16]

detection period: 2018-12-16 00:00-23:59 UTC
number of suspected bots' IPs listed here: 299

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:

Sunday, December 16, 2018

Botnet Statistics [2018-12-15]

detection period: 2018-12-15 00:00-23:59 UTC
total number of suspected botnet IPs: 4321
number of botnet IPs notified to network operators: 4011
number of spam blocked: 5105
recipient count of spam blocked: 153150

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1TencentCloud93
2CMNET83
3CHINANET-JS74
4KORNET-KR68
5DIGITALOCEAN-954
6CHINANET-GD49
7TENCENT-CN46
8HINET-NET39
9AT-88-Z36
10UNKNOWN35

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China1024
2United States722
3France212
4Russian Federation200
5Brazil172
6South Korea136
7India110
8Netherlands98
9Viet Nam93
10Hong Kong90

Suspected Bot List [2018-12-15]

detection period: 2018-12-15 00:00-23:59 UTC
number of suspected bots' IPs listed here: 310

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:

Saturday, December 15, 2018

Botnet Statistics [2018-12-14]

detection period: 2018-12-14 00:00-23:59 UTC
total number of suspected botnet IPs: 4223
number of botnet IPs notified to network operators: 3933
number of spam blocked: 5216
recipient count of spam blocked: 156480

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1AT-88-Z86
2CHINANET-JS78
3TencentCloud77
4CMNET74
5CHINANET-GD67
6KORNET-KR65
7AMAZON-2011L54
8DIGITALOCEAN-950
9TENCENT-CN35
10HINET-NET32

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China975
2United States803
3France248
4Russian Federation179
5Brazil154
6South Korea127
7India108
8Netherlands100
9Hong Kong94
10Indonesia86

Suspected Bot List [2018-12-14]

detection period: 2018-12-14 00:00-23:59 UTC
number of suspected bots' IPs listed here: 290

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:

Friday, December 14, 2018

Botnet Statistics [2018-12-13]

detection period: 2018-12-13 00:00-23:59 UTC
total number of suspected botnet IPs: 3492
number of botnet IPs notified to network operators: 3230
number of spam blocked: 5444
recipient count of spam blocked: 163262

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1DIGITALOCEAN-968
2CHINANET-JS63
3AT-88-Z56
4CHINANET-GD54
5TencentCloud52
6CMNET51
7KORNET-KR39
8CHINANET-SH37
9UNKNOWN36
10AMAZON-2011L36

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China791
2United States695
3Russian Federation171
4France152
5Brazil149
6Netherlands91
7South Korea86
8India80
9Hong Kong76
10Viet Nam74

Suspected Bot List [2018-12-13]

detection period: 2018-12-13 00:00-23:59 UTC
number of suspected bots' IPs listed here: 262

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:

Thursday, December 13, 2018

Botnet Statistics [2018-12-12]

detection period: 2018-12-12 00:00-23:59 UTC
total number of suspected botnet IPs: 3415
number of botnet IPs notified to network operators: 3159
number of spam blocked: 4987
recipient count of spam blocked: 149610

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1CMNET69
2CHINANET-JS61
3DIGITALOCEAN-959
4CHINANET-GD57
5TencentCloud45
6002.558.157/0001-6241
7KORNET-KR38
8AT-88-Z30
9UNKNOWN28
10VNPT-VNNIC-VN23

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China791
2United States624
3France154
4Brazil147
5Russian Federation141
6Netherlands103
7South Korea95
8India74
9Viet Nam69
10Italy68

Suspected Bot List [2018-12-12]

detection period: 2018-12-12 00:00-23:59 UTC
number of suspected bots' IPs listed here: 258

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:

Wednesday, December 12, 2018

Botnet Statistics [2018-12-11]

detection period: 2018-12-11 00:00-23:59 UTC
total number of suspected botnet IPs: 3544
number of botnet IPs notified to network operators: 3252
number of spam blocked: 5180
recipient count of spam blocked: 155400

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1CHINANET-GD60
2CHINANET-JS53
3TencentCloud51
4CMNET46
5KORNET-KR45
6HINET-NET45
7DIGITALOCEAN-943
8002.558.157/0001-6229
9DO-1326
10UNKNOWN25

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China689
2United States644
3France197
4Brazil167
5Russian Federation147
6Netherlands106
7South Korea103
8India94
9United Kingdom82
10Italy72

Suspected Bot List [2018-12-11]

detection period: 2018-12-11 00:00-23:59 UTC
number of suspected bots' IPs listed here: 294

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:

Tuesday, December 11, 2018

Botnet Statistics [2018-12-10]

detection period: 2018-12-10 00:00-23:59 UTC
total number of suspected botnet IPs: 3792
number of botnet IPs notified to network operators: 3488
number of spam blocked: 5519
recipient count of spam blocked: 165570

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1TencentCloud99
2TENCENT-CN59
3CMNET56
4KORNET-KR50
5HINET-NET45
6002.558.157/0001-6245
7UNKNOWN42
8CHINANET-JS42
9CHINANET-GD42
10DIGITALOCEAN-841

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China807
2United States692
3France262
4Brazil183
5Russian Federation154
6India107
7South Korea92
8Netherlands90
9Italy88
10Indonesia77

Suspected Bot List [2018-12-10]

detection period: 2018-12-10 00:00-23:59 UTC
number of suspected bots' IPs listed here: 306

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:

Monday, December 10, 2018

Botnet Statistics [2018-12-09]

detection period: 2018-12-09 00:00-23:59 UTC
total number of suspected botnet IPs: 3287
number of botnet IPs notified to network operators: 3032
number of spam blocked: 5557
recipient count of spam blocked: 166710

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1TencentCloud107
2TENCENT-CN67
3DIGITALOCEAN-848
4KORNET-KR44
5HINET-NET39
6CHINANET-JS39
7Baidu37
8002.558.157/0001-6236
9DO-1332
10CHINANET-GD32

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China627
2United States607
3France229
4Russian Federation141
5Brazil138
6Netherlands111
7India81
8South Korea80
9Italy77
10Viet Nam70

Suspected Bot List [2018-12-09]

detection period: 2018-12-09 00:00-23:59 UTC
number of suspected bots' IPs listed here: 261

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:

Sunday, December 9, 2018

Botnet Statistics [2018-12-08]

detection period: 2018-12-08 00:00-23:59 UTC
total number of suspected botnet IPs: 3252
number of botnet IPs notified to network operators: 2988
number of spam blocked: 5606
recipient count of spam blocked: 168180

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1TencentCloud100
2TENCENT-CN61
3DIGITALOCEAN-848
4HINET-NET39
5Amsterdam_Residential_Television_and_Internet_Network39
6CMNET36
7KORNET-KR35
8002.558.157/0001-6235
9Baidu29
10CHINANET-GD27

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China598
2United States551
3France232
4Brazil147
5Russian Federation134
6Netherlands126
7India97
8Viet Nam78
9South Korea76
10Italy71

Suspected Bot List [2018-12-08]

detection period: 2018-12-08 00:00-23:59 UTC
number of suspected bots' IPs listed here: 277

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:

Saturday, December 8, 2018

Botnet Statistics [2018-12-07]

detection period: 2018-12-07 00:00-23:59 UTC
total number of suspected botnet IPs: 3372
number of botnet IPs notified to network operators: 3082
number of spam blocked: 5146
recipient count of spam blocked: 154351

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1TencentCloud97
2TENCENT-CN61
3KORNET-KR47
4002.558.157/0001-6247
5HINET-NET40
6DIGITALOCEAN-839
7OPC134
8CMNET34
9WHG-NETWORKS33
10Baidu31

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1United States625
2China581
3France224
4Brazil154
5Russian Federation143
6United Kingdom99
7Netherlands93
8South Korea93
9Italy85
10India78

Suspected Bot List [2018-12-07]

detection period: 2018-12-07 00:00-23:59 UTC
number of suspected bots' IPs listed here: 312

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:

Friday, December 7, 2018

Botnet Statistics [2018-12-06]

detection period: 2018-12-06 00:00-23:59 UTC
total number of suspected botnet IPs: 3827
number of botnet IPs notified to network operators: 3498
number of spam blocked: 6282
recipient count of spam blocked: 188352

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1TencentCloud104
2AT-88-Z79
3TENCENT-CN63
4KORNET-KR50
5CHINANET-JS49
6OPC141
7DIGITALOCEAN-839
8CHINANET-GD38
9AMAZON-2011L37
10002.558.157/0001-6237

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1United States783
2China721
3France236
4Russian Federation152
5Brazil142
6Netherlands123
7India111
8South Korea108
9United Kingdom98
10Italy93

Suspected Bot List [2018-12-06]

detection period: 2018-12-06 00:00-23:59 UTC
number of suspected bots' IPs listed here: 352

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:

Thursday, December 6, 2018

Botnet Statistics [2018-12-05]

detection period: 2018-12-05 00:00-23:59 UTC
total number of suspected botnet IPs: 3811
number of botnet IPs notified to network operators: 3510
number of spam blocked: 7812
recipient count of spam blocked: 234360

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1TencentCloud118
2TENCENT-CN65
3KORNET-KR63
4AT-88-Z60
5AMAZON-2011L51
6CHINANET-JS46
7DIGITALOCEAN-843
8CHINANET-GD43
9UNKNOWN37
10CMNET37

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China770
2United States744
3France247
4Brazil156
5Russian Federation152
6South Korea113
7India112
8Netherlands99
9Italy87
10United Kingdom82

Suspected Bot List [2018-12-05]

detection period: 2018-12-05 00:00-23:59 UTC
number of suspected bots' IPs listed here: 311

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:

Wednesday, December 5, 2018

Botnet Statistics [2018-12-04]

detection period: 2018-12-04 00:00-23:59 UTC
total number of suspected botnet IPs: 2928
number of botnet IPs notified to network operators: 2690
number of spam blocked: 7365
recipient count of spam blocked: 220892

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1TencentCloud69
2DIGITALOCEAN-851
3DIGITALOCEAN-738
4KORNET-KR33
5002.558.157/0001-6233
6CHINANET-GD30
7TENCENT-CN29
8AT-88-Z28
9CHINANET-JS27
10HINET-NET26

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1United States546
2China503
3France214
4Russian Federation145
5Brazil123
6Netherlands103
7South Korea79
8India78
9Italy75
10United Kingdom66

Suspected Bot List [2018-12-04]

detection period: 2018-12-04 00:00-23:59 UTC
number of suspected bots' IPs listed here: 238

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:

Tuesday, December 4, 2018

Botnet Statistics [2018-12-03]

detection period: 2018-12-03 00:00-23:59 UTC
total number of suspected botnet IPs: 4059
number of botnet IPs notified to network operators: 3786
number of spam blocked: 6611
recipient count of spam blocked: 198330

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1TencentCloud116
2KORNET-KR61
3UNKNOWN60
4TENCENT-CN59
5DIGITALOCEAN-857
6DO-1348
7MSFT47
8DIGITALOCEAN-746
9Baidu39
10AT-88-Z39

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1United States755
2China647
3France397
4Brazil177
5Russian Federation152
6Netherlands122
7Italy117
8United Kingdom116
9South Korea112
10India108

Suspected Bot List [2018-12-03]

detection period: 2018-12-03 00:00-23:59 UTC
number of suspected bots' IPs listed here: 273

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:

Monday, December 3, 2018

Botnet Statistics [2018-12-02]

detection period: 2018-12-02 00:00-23:59 UTC
total number of suspected botnet IPs: 4029
number of botnet IPs notified to network operators: 3763
number of spam blocked: 2977
recipient count of spam blocked: 89310

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1UNKNOWN159
2TencentCloud114
3TENCENT-CN59
4KORNET-KR57
5MSFT49
6DIGITALOCEAN-849
7CHINANET-GD45
8DO-1343
9DIGITALOCEAN-743
10AT-88-Z43

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China750
2United States726
3France384
4Brazil166
5Russian Federation148
6Netherlands124
7India115
8Italy113
9United Kingdom112
10South Korea102

Suspected Bot List [2018-12-02]

detection period: 2018-12-02 00:00-23:59 UTC
number of suspected bots' IPs listed here: 266

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:

Sunday, December 2, 2018

Botnet Statistics [2018-12-01]

detection period: 2018-12-01 00:00-23:59 UTC
total number of suspected botnet IPs: 3748
number of botnet IPs notified to network operators: 3501
number of spam blocked: 0
recipient count of spam blocked: 0

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1TencentCloud114
2TENCENT-CN59
3KORNET-KR54
4CMNET47
5DO-1342
6CHINANET-GD41
7DIGITALOCEAN-840
8CHINANET-JS38
9MSFT36
10Baidu36

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China764
2United States659
3France335
4Brazil152
5Russian Federation140
6Netherlands111
7India105
8South Korea104
9United Kingdom100
10Italy95

Suspected Bot List [2018-12-01]

detection period: 2018-12-01 00:00-23:59 UTC
number of suspected bots' IPs listed here: 247

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:

Saturday, December 1, 2018

Botnet Statistics [2018-11-30]

detection period: 2018-11-30 00:00-23:59 UTC
total number of suspected botnet IPs: 3796
number of botnet IPs notified to network operators: 3525
number of spam blocked: 0
recipient count of spam blocked: 0

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1TencentCloud115
2TENCENT-CN67
3KORNET-KR54
4AT-88-Z50
5MSFT46
6CMNET43
7Baidu42
8DIGITALOCEAN-839
9CHINANET-GD39
10AMAZON-2011L39

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China776
2United States713
3France335
4Brazil166
5Russian Federation156
6Netherlands107
7India107
8South Korea94
9Italy92
10Canada85

Suspected Bot List [2018-11-30]

detection period: 2018-11-30 00:00-23:59 UTC
number of suspected bots' IPs listed here: 271

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting: