total number of suspected botnet IPs: 4129
number of botnet IPs notified to network operators: 3809
number of spam blocked: 672
recipient count of spam blocked: 20044
The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:
| Rank | Network | # of suspected botnet IPs |
|---|---|---|
| 1 | TencentCloud | 75 |
| 2 | CMNET | 73 |
| 3 | AT-88-Z | 65 |
| 4 | CHINANET-GD | 63 |
| 5 | CHINANET-JS | 57 |
| 6 | UNKNOWN | 48 |
| 7 | KORNET-KR | 48 |
| 8 | TENCENT-CN | 46 |
| 9 | HINET-NET | 38 |
| 10 | DO-13 | 38 |
The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:
| 1 | China | 1026 |
| 2 | United States | 702 |
| 3 | Russian Federation | 232 |
| 4 | Brazil | 165 |
| 5 | France | 161 |
| 6 | South Korea | 119 |
| 7 | Netherlands | 106 |
| 8 | Viet Nam | 103 |
| 9 | India | 103 |
| 10 | Italy | 95 |
Hi Chih, thanks for the notification to Wholesale Internet. I have nuked the Server 2008 R2 VM that I was running and I am now reinstalling Server 2016. I wouldn't have known that my server was infected and part of a botnet if it weren't for you.
ReplyDelete