total number of suspected botnet IPs: 25956
number of botnet IPs notified to network operators (best case, if all mail were sent out successfully): 24424
number of spam blocked: 0
recipient count of spam blocked: 0
The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:
| Rank | Network | # of suspected botnet IPs |
|---|---|---|
| 1 | TencentCloud | 913 |
| 2 | ALISOFT | 793 |
| 3 | Baidu | 784 |
| 4 | TENCENT-CN | 635 |
| 5 | HINET-NET | 391 |
| 6 | DO-13 | 377 |
| 7 | TELKOMNET | 341 |
| 8 | KORNET | 323 |
| 9 | CHINANET-JS | 302 |
| 10 | CHINANET-GD | 286 |
The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:
| Rank | Country/Region | # of suspected botnet IPs |
|---|---|---|
| 1 | China | 6705 |
| 2 | United States | 3054 |
| 3 | India | 1357 |
| 4 | Russian Federation | 1181 |
| 5 | France | 924 |
| 6 | Indonesia | 910 |
| 7 | Viet Nam | 811 |
| 8 | Brazil | 694 |
| 9 | South Korea | 543 |
| 10 | Taiwan | 522 |
The top 10 TCP ports, ordered by number of connection attempts received are:
| Rank | TCP port number | # of connection attempts received |
|---|---|---|
| 1 | 445 | 107442 |
| 2 | 22 | 58488 |
| 3 | 13022 | 48027 |
| 4 | 222 | 47190 |
| 5 | 3389 | 46815 |
| 6 | 1024 | 32921 |
| 7 | 1433 | 30784 |
| 8 | 2662 | 28246 |
| 9 | 5901 | 28183 |
| 10 | 5900 | 27611 |
No comments:
Post a Comment