Custom Search

Thursday, April 30, 2020

Botnet Statistics [2020-04-29]

detection period: 2020-04-29 00:00-23:59 UTC
total number of suspected botnet IPs: 35722
number of botnet IPs notified to network operators (best case, if all mail were sent out successfully): 33455
number of spam blocked: 0
recipient count of spam blocked: 0

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1TencentCloud1120
2VNPT-VN1045
3Baidu864
4VIETTEL-VN753
5DIGITALOCEAN-162-243-0-0734
6TENCENT-CN665
7HINET-NET618
8VODACOM-06062012510
9TELKOMNET406
10CHINANET-JS398

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry/Region# of suspected botnet IPs
1China7733
2United States4440
3Viet Nam2480
4Russian Federation2136
5Indonesia1275
6India1237
7France1032
8Thailand807
9Taiwan788
10South Korea617

The top 10 TCP ports, ordered by number of connection attempts received are:

RankTCP port number# of connection attempts received
11024532660
2105195284
3600188120
4104169403
5123164621
6106164232
78220145965
82008144496
960135449
10107133640
Labels:
Posted by at No comments:

Suspected Bot List [2020-04-29]

detection period: 2020-04-29 00:00-23:59 UTC
number of suspected bots' IPs listed here: 2267

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:


country codeIP addressCountry

List from SSH probes:

country codeIP addressCountry

List from TCP port scans:
Read more »
Labels:
Posted by at No comments:

Wednesday, April 29, 2020

Botnet Statistics [2020-04-28]

detection period: 2020-04-28 00:00-23:59 UTC
total number of suspected botnet IPs: 34756
number of botnet IPs notified to network operators (best case, if all mail were sent out successfully): 33103
number of spam blocked: 0
recipient count of spam blocked: 0

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1VNPT-VN1146
2TencentCloud1142
3Baidu907
4VIETTEL-VN739
5TENCENT-CN676
6HINET-NET675
7TELKOMNET442
8DIGITALOCEAN-162-243-0-0403
9CHINANET-JS389
10CMNET370

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry/Region# of suspected botnet IPs
1China7878
2United States4028
3Viet Nam2593
4Russian Federation2090
5Indonesia1262
6India1179
7France1033
8Taiwan871
9Thailand746
10South Korea603

The top 10 TCP ports, ordered by number of connection attempts received are:

RankTCP port number# of connection attempts received
11024556800
2123162537
3445119989
4602194718
5900092903
6402278396
72275650
8777763952
9590053577
1022251566
Labels:
Posted by at No comments:

Suspected Bot List [2020-04-28]

detection period: 2020-04-28 00:00-23:59 UTC
number of suspected bots' IPs listed here: 1653

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:


country codeIP addressCountry

List from SSH probes:

country codeIP addressCountry

List from TCP port scans:
Read more »
Labels:
Posted by at No comments:

Tuesday, April 28, 2020

Botnet Statistics [2020-04-27]

detection period: 2020-04-27 00:00-23:59 UTC
total number of suspected botnet IPs: 33828
number of botnet IPs notified to network operators (best case, if all mail were sent out successfully): 32181
number of spam blocked: 0
recipient count of spam blocked: 0

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1TencentCloud1190
2VNPT-VN1123
3Baidu938
4VIETTEL-VN717
5TENCENT-CN708
6HINET-NET597
7TELKOMNET430
8DIGITALOCEAN-162-243-0-0404
9CHINANET-JS400
10CHINANET-GD377

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry/Region# of suspected botnet IPs
1China7935
2United States4086
3Viet Nam2513
4Russian Federation2040
5Indonesia1200
6India1171
7France1034
8Taiwan741
9Thailand717
10South Korea611

The top 10 TCP ports, ordered by number of connection attempts received are:

RankTCP port number# of connection attempts received
11024574898
2445185224
3123158881
4722286601
5900070637
6402269620
7777763842
82261027
9444458291
102355691
Labels:
Posted by at No comments:

Suspected Bot List [2020-04-27]

detection period: 2020-04-27 00:00-23:59 UTC
number of suspected bots' IPs listed here: 1647

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:


country codeIP addressCountry

List from SSH probes:

country codeIP addressCountry

List from TCP port scans:
Read more »
Labels:
Posted by at No comments:

Monday, April 27, 2020

Botnet Statistics [2020-04-26]

detection period: 2020-04-26 00:00-23:59 UTC
total number of suspected botnet IPs: 33367
number of botnet IPs notified to network operators (best case, if all mail were sent out successfully): 31842
number of spam blocked: 0
recipient count of spam blocked: 0

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1TencentCloud1222
2Baidu992
3TENCENT-CN735
4VNPT-VN732
5HINET-NET639
6VIETTEL-VN560
7ALISOFT447
8CHINANET-GD441
9CHINANET-JS422
10DIGITALOCEAN-162-243-0-0403

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry/Region# of suspected botnet IPs
1China8428
2United States4234
3Russian Federation1948
4Viet Nam1882
5France1054
6India1040
7Indonesia986
8Taiwan814
9South Korea641
10Thailand559

The top 10 TCP ports, ordered by number of connection attempts received are:

RankTCP port number# of connection attempts received
11024580130
2123162873
3402286647
422279067
5777766983
644563410
7900063227
8444461277
92259677
10590054800
Labels:
Posted by at No comments:

Suspected Bot List [2020-04-26]

detection period: 2020-04-26 00:00-23:59 UTC
number of suspected bots' IPs listed here: 1525

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:


country codeIP addressCountry

List from SSH probes:

country codeIP addressCountry

List from TCP port scans:
Read more »
Labels:
Posted by at No comments:

Sunday, April 26, 2020

Botnet Statistics [2020-04-25]

detection period: 2020-04-25 00:00-23:59 UTC
total number of suspected botnet IPs: 32523
number of botnet IPs notified to network operators (best case, if all mail were sent out successfully): 30978
number of spam blocked: 0
recipient count of spam blocked: 0

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1TencentCloud1157
2Baidu960
3VNPT-VN776
4TENCENT-CN677
5VIETTEL-VN656
6HINET-NET654
7CHINANET-JS481
8ALISOFT434
9DIGITALOCEAN-162-243-0-0406
10CHINANET-GD398

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry/Region# of suspected botnet IPs
1China8098
2United States3893
3Viet Nam2028
4Russian Federation1900
5India1080
6Indonesia1007
7France992
8Taiwan849
9South Korea593
10Hong Kong564

The top 10 TCP ports, ordered by number of connection attempts received are:

RankTCP port number# of connection attempts received
11024583517
2123165069
32048103904
4402283439
5777769127
644561593
7444461522
8338960143
9900058384
10590055765
Labels:
Posted by at No comments:

Suspected Bot List [2020-04-25]

detection period: 2020-04-25 00:00-23:59 UTC
number of suspected bots' IPs listed here: 1545

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:


country codeIP addressCountry

List from SSH probes:

country codeIP addressCountry

List from TCP port scans:
Read more »
Labels:
Posted by at No comments:

Saturday, April 25, 2020

Botnet Statistics [2020-04-24]

detection period: 2020-04-24 00:00-23:59 UTC
total number of suspected botnet IPs: 34830
number of botnet IPs notified to network operators (best case, if all mail were sent out successfully): 33160
number of spam blocked: 0
recipient count of spam blocked: 0

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1TencentCloud1181
2VNPT-VN1040
3Baidu1005
4HINET-NET818
5TENCENT-CN720
6VIETTEL-VN713
7ALISOFT446
8CHINANET-GD432
9CHINANET-JS425
10MSFT408

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry/Region# of suspected botnet IPs
1China8753
2United States4193
3Viet Nam2368
4Russian Federation1990
5India1220
6Indonesia1076
7Taiwan1005
8France978
9Thailand734
10South Korea665

The top 10 TCP ports, ordered by number of connection attempts received are:

RankTCP port number# of connection attempts received
11024552263
22048266397
34000248924
47000231153
58000209623
63000205210
72000195405
85000189541
91000172371
1025163615
Labels:
Posted by at No comments:

Suspected Bot List [2020-04-24]

detection period: 2020-04-24 00:00-23:59 UTC
number of suspected bots' IPs listed here: 1670

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:


country codeIP addressCountry

List from SSH probes:

country codeIP addressCountry

List from TCP port scans:
Read more »
Labels:
Posted by at No comments:

Friday, April 24, 2020

Botnet Statistics [2020-04-23]

detection period: 2020-04-23 00:00-23:59 UTC
total number of suspected botnet IPs: 32404
number of botnet IPs notified to network operators (best case, if all mail were sent out successfully): 30812
number of spam blocked: 0
recipient count of spam blocked: 0

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1TencentCloud1116
2Baidu911
3VNPT-VN854
4TENCENT-CN650
5VIETTEL-VN648
6HINET-NET578
7DIGITALOCEAN-162-243-0-0414
8CHINANET-GD407
9ALISOFT405
10CMNET385

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry/Region# of suspected botnet IPs
1China7683
2United States4060
3Russian Federation2171
4Viet Nam2075
5India1099
6Indonesia1040
7France941
8Taiwan741
9Thailand733
10South Korea541

The top 10 TCP ports, ordered by number of connection attempts received are:

RankTCP port number# of connection attempts received
110001392976
240001365406
320001331829
460001316604
530001275860
650001233912
780001162045
870001038577
96001963101
101024170198
Labels:
Posted by at No comments:

Suspected Bot List [2020-04-23]

detection period: 2020-04-23 00:00-23:59 UTC
number of suspected bots' IPs listed here: 1592

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:


country codeIP addressCountry

List from SSH probes:

country codeIP addressCountry

List from TCP port scans:
Read more »
Labels:
Posted by at No comments:

Botnet Statistics [2020-04-22]

detection period: 2020-04-22 00:00-23:59 UTC
total number of suspected botnet IPs: 33943
number of botnet IPs notified to network operators (best case, if all mail were sent out successfully): 32238
number of spam blocked: 0
recipient count of spam blocked: 0

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1TencentCloud1162
2VNPT-VN1138
3Baidu958
4VIETTEL-VN760
5TENCENT-CN698
6HINET-NET564
7ALISOFT419
8CHINANET-GD414
9DIGITALOCEAN-162-243-0-0409
10CHINANET-JS406

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry/Region# of suspected botnet IPs
1China8383
2United States3768
3Viet Nam2523
4Russian Federation2052
5India1158
6Indonesia1146
7France984
8Thailand884
9Taiwan745
10South Korea584

The top 10 TCP ports, ordered by number of connection attempts received are:

RankTCP port number# of connection attempts received
110001397735
280001383124
350001317055
470001304276
530001246555
660001188056
740001140108
820001125808
96001543467
102048211867
Labels:
Posted by at No comments:

Thursday, April 23, 2020

Suspected Bot List [2020-04-22]

detection period: 2020-04-22 00:00-23:59 UTC
number of suspected bots' IPs listed here: 1705

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:


country codeIP addressCountry

List from SSH probes:

country codeIP addressCountry

List from TCP port scans:
Read more »
Labels:
Posted by at No comments:

Wednesday, April 22, 2020

Botnet Statistics [2020-04-21]

detection period: 2020-04-21 00:00-23:59 UTC
total number of suspected botnet IPs: 35651
number of botnet IPs notified to network operators (best case, if all mail were sent out successfully): 33914
number of spam blocked: 0
recipient count of spam blocked: 0

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1VNPT-VN1358
2TencentCloud1306
3Baidu1059
4TENCENT-CN823
5VIETTEL-VN780
6HINET-NET585
7CHINANET-GD473
8ALISOFT470
9DIGITALOCEAN-162-243-0-0416
10CMNET395

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry/Region# of suspected botnet IPs
1China9119
2United States3971
3Viet Nam2800
4Russian Federation2147
5India1195
6Indonesia1144
7France1000
8Thailand920
9Taiwan773
10South Korea622

The top 10 TCP ports, ordered by number of connection attempts received are:

RankTCP port number# of connection attempts received
120001707423
280001691302
310001637236
450001589001
540001587024
670001547759
730001397550
860001324693
92048226159
10123142346
Labels:
Posted by at No comments:

Suspected Bot List [2020-04-21]

detection period: 2020-04-21 00:00-23:59 UTC
number of suspected bots' IPs listed here: 1737

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:


country codeIP addressCountry

List from SSH probes:

country codeIP addressCountry

List from TCP port scans:
Read more »
Labels:
Posted by at No comments:

Tuesday, April 21, 2020

Botnet Statistics [2020-04-20]

detection period: 2020-04-20 00:00-23:59 UTC
total number of suspected botnet IPs: 33570
number of botnet IPs notified to network operators (best case, if all mail were sent out successfully): 31889
number of spam blocked: 0
recipient count of spam blocked: 0

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1TencentCloud1273
2VNPT-VN1083
3Baidu1048
4TENCENT-CN784
5VIETTEL-VN609
6HINET-NET558
7ALISOFT435
8DIGITALOCEAN-162-243-0-0430
9CHINANET-GD427
10CHINANET-JS381

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry/Region# of suspected botnet IPs
1China8470
2United States3973
3Viet Nam2298
4Russian Federation2001
5India1113
6Indonesia993
7France937
8Taiwan732
9Thailand680
10South Korea604

The top 10 TCP ports, ordered by number of connection attempts received are:

RankTCP port number# of connection attempts received
180001029400
210001003499
34000988306
42000954609
55000938646
67000922864
73000784014
86000782585
92048230155
101024156409
Labels:
Posted by at No comments:

Suspected Bot List [2020-04-20]

detection period: 2020-04-20 00:00-23:59 UTC
number of suspected bots' IPs listed here: 1681

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:


country codeIP addressCountry

List from SSH probes:

country codeIP addressCountry

List from TCP port scans:
Read more »
Labels:
Posted by at No comments:

Monday, April 20, 2020

Botnet Statistics [2020-04-19]

detection period: 2020-04-19 00:00-23:59 UTC
total number of suspected botnet IPs: 30474
number of botnet IPs notified to network operators (best case, if all mail were sent out successfully): 29136
number of spam blocked: 0
recipient count of spam blocked: 0

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1TencentCloud1309
2Baidu1059
3TENCENT-CN825
4VNPT-VN644
5HINET-NET522
6VIETTEL-VN456
7DIGITALOCEAN-162-243-0-0436
8CHINANET-JS407
9CHINANET-GD402
10CMNET367

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry/Region# of suspected botnet IPs
1China8275
2United States3956
3Russian Federation1889
4Viet Nam1547
5France991
6India875
7Indonesia711
8Taiwan687
9South Korea573
10Hong Kong534

The top 10 TCP ports, ordered by number of connection attempts received are:

RankTCP port number# of connection attempts received
12048226080
2123153077
31024120302
46002117363
54022112658
6590097986
71000094705
8362289715
9352279742
10889973760
Labels:
Posted by at No comments:

Suspected Bot List [2020-04-19]

detection period: 2020-04-19 00:00-23:59 UTC
number of suspected bots' IPs listed here: 1338

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:


country codeIP addressCountry

List from SSH probes:

country codeIP addressCountry

List from TCP port scans:
Read more »
Labels:
Posted by at No comments:

Sunday, April 19, 2020

Botnet Statistics [2020-04-18]

detection period: 2020-04-18 00:00-23:59 UTC
total number of suspected botnet IPs: 31145
number of botnet IPs notified to network operators (best case, if all mail were sent out successfully): 29683
number of spam blocked: 0
recipient count of spam blocked: 0

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1TencentCloud1220
2Baidu981
3VNPT-VN787
4TENCENT-CN741
5HINET-NET549
6VIETTEL-VN505
7DIGITALOCEAN-162-243-0-0438
8MSFT435
9CHINANET-JS429
10CHINANET-GD395

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry/Region# of suspected botnet IPs
1China8275
2United States4074
3Russian Federation1804
4Viet Nam1764
5India953
6France938
7Indonesia791
8Taiwan715
9South Korea584
10Thailand557

The top 10 TCP ports, ordered by number of connection attempts received are:

RankTCP port number# of connection attempts received
12048243133
2123166286
31024130248
4445102419
55900100257
6402286652
72260873
822259120
9777756858
10338952316
Labels:
Posted by at No comments:

Suspected Bot List [2020-04-18]

detection period: 2020-04-18 00:00-23:59 UTC
number of suspected bots' IPs listed here: 1462

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:


country codeIP addressCountry

List from SSH probes:

country codeIP addressCountry

List from TCP port scans:
Read more »
Labels:
Posted by at No comments:

Saturday, April 18, 2020

Botnet Statistics [2020-04-17]

detection period: 2020-04-17 00:00-23:59 UTC
total number of suspected botnet IPs: 32560
number of botnet IPs notified to network operators (best case, if all mail were sent out successfully): 31021
number of spam blocked: 0
recipient count of spam blocked: 0

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1TencentCloud1205
2VNPT-VN1020
3Baidu975
4TENCENT-CN738
5VIETTEL-VN674
6HINET-NET591
7CHINANET-GD453
8DIGITALOCEAN-162-243-0-0443
9CHINANET-JS427
10ALISOFT402

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry/Region# of suspected botnet IPs
1China8274
2United States4040
3Viet Nam2268
4Russian Federation1989
5India1019
6France963
7Indonesia874
8Taiwan778
9Thailand668
10South Korea608

The top 10 TCP ports, ordered by number of connection attempts received are:

RankTCP port number# of connection attempts received
12048183439
2123171588
31024134795
45900101119
5600097578
644596940
72378850
82273223
9402272176
1022265673
Labels:
Posted by at No comments:

Suspected Bot List [2020-04-17]

detection period: 2020-04-17 00:00-23:59 UTC
number of suspected bots' IPs listed here: 1539

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:


country codeIP addressCountry

List from SSH probes:

country codeIP addressCountry

List from TCP port scans:
Read more »
Labels:
Posted by at No comments:

Friday, April 17, 2020

Botnet Statistics [2020-04-16]

detection period: 2020-04-16 00:00-23:59 UTC
total number of suspected botnet IPs: 33740
number of botnet IPs notified to network operators (best case, if all mail were sent out successfully): 32149
number of spam blocked: 0
recipient count of spam blocked: 0

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1TencentCloud1260
2Baidu984
3VNPT-VN930
4TENCENT-CN754
5VIETTEL-VN686
6HINET-NET640
7CHINANET-GD439
8DIGITALOCEAN-162-243-0-0438
9CHINANET-JS412
10ALISOFT409

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry/Region# of suspected botnet IPs
1China8336
2United States4062
3Viet Nam2174
4Russian Federation2171
5India1067
6Indonesia1034
7France959
8Taiwan809
9Thailand751
10South Korea584

The top 10 TCP ports, ordered by number of connection attempts received are:

RankTCP port number# of connection attempts received
12048162889
21024161629
3123154545
45900102850
544583311
6402279040
72264155
8777763466
9444451797
102350794
Labels:
Posted by at No comments:

Suspected Bot List [2020-04-16]

detection period: 2020-04-16 00:00-23:59 UTC
number of suspected bots' IPs listed here: 1591

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:


country codeIP addressCountry

List from SSH probes:

country codeIP addressCountry

List from TCP port scans:
Read more »
Labels:
Posted by at No comments:

Thursday, April 16, 2020

Botnet Statistics [2020-04-15]

detection period: 2020-04-15 00:00-23:59 UTC
total number of suspected botnet IPs: 31673
number of botnet IPs notified to network operators (best case, if all mail were sent out successfully): 30137
number of spam blocked: 0
recipient count of spam blocked: 0

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1TencentCloud1104
2VNPT-VN971
3Baidu896
4VIETTEL-VN675
5TENCENT-CN672
6HINET-NET608
7DIGITALOCEAN-162-243-0-0447
8CHINANET-JS421
9CHINANET-GD408
10ALISOFT356

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry/Region# of suspected botnet IPs
1China7556
2United States3748
3Viet Nam2229
4Russian Federation1959
5India1020
6Indonesia991
7France896
8Taiwan781
9Thailand773
10South Korea592

The top 10 TCP ports, ordered by number of connection attempts received are:

RankTCP port number# of connection attempts received
1123197803
21024166556
3445161995
45900114171
510000111406
67000105100
73422102663
8402298681
9312276711
10777772430
Labels:
Posted by at No comments:

Suspected Bot List [2020-04-15]

detection period: 2020-04-15 00:00-23:59 UTC
number of suspected bots' IPs listed here: 1536

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:


country codeIP addressCountry

List from SSH probes:

country codeIP addressCountry

List from TCP port scans:
Read more »
Labels:
Posted by at No comments:

Wednesday, April 15, 2020

Botnet Statistics [2020-04-14]

detection period: 2020-04-14 00:00-23:59 UTC
total number of suspected botnet IPs: 33731
number of botnet IPs notified to network operators (best case, if all mail were sent out successfully): 31990
number of spam blocked: 0
recipient count of spam blocked: 0

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1TencentCloud1116
2VNPT-VN1055
3Baidu909
4VIETTEL-VN686
5TENCENT-CN669
6HINET-NET609
7DIGITALOCEAN-162-243-0-0449
8CHINANET-GD420
9CHINANET-JS409
10ALISOFT387

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry/Region# of suspected botnet IPs
1China8011
2United States3660
3Viet Nam2398
4Russian Federation2152
5India1119
6Indonesia1043
7France924
8Taiwan793
9Thailand780
10South Korea617

The top 10 TCP ports, ordered by number of connection attempts received are:

RankTCP port number# of connection attempts received
12048225761
2123191695
3445166379
41024162924
55900107728
62822105803
72922105345
82622104074
9402295480
10272295070
Labels:
Posted by at No comments:

Suspected Bot List [2020-04-14]

detection period: 2020-04-14 00:00-23:59 UTC
number of suspected bots' IPs listed here: 1741

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:


country codeIP addressCountry

List from SSH probes:

country codeIP addressCountry

List from TCP port scans:
Read more »
Labels:
Posted by at No comments:

Tuesday, April 14, 2020

Botnet Statistics [2020-04-13]

detection period: 2020-04-13 00:00-23:59 UTC
total number of suspected botnet IPs: 35310
number of botnet IPs notified to network operators (best case, if all mail were sent out successfully): 33593
number of spam blocked: 0
recipient count of spam blocked: 0

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1TencentCloud1184
2VNPT-VN1111
3Baidu947
4VIETTEL-VN797
5TENCENT-CN710
6HINET-NET680
7CHINANET-JS456
8DIGITALOCEAN-162-243-0-0453
9ALISOFT439
10CHINANET-GD427

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry/Region# of suspected botnet IPs
1China8216
2United States4076
3Viet Nam2553
4Russian Federation2186
5India1152
6Indonesia1069
7France1004
8Taiwan880
9Thailand736
10South Korea681

The top 10 TCP ports, ordered by number of connection attempts received are:

RankTCP port number# of connection attempts received
17070328972
21224303039
32048295910
4123198369
51024164486
6445152005
76000140696
88288133529
95900116464
102422112333
Labels:
Posted by at No comments:

Suspected Bot List [2020-04-13]

detection period: 2020-04-13 00:00-23:59 UTC
number of suspected bots' IPs listed here: 1717

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:


country codeIP addressCountry

List from SSH probes:

country codeIP addressCountry

List from TCP port scans:
Read more »
Labels:
Posted by at No comments:

Monday, April 13, 2020

Botnet Statistics [2020-04-12]

detection period: 2020-04-12 00:00-23:59 UTC
total number of suspected botnet IPs: 33038
number of botnet IPs notified to network operators (best case, if all mail were sent out successfully): 31453
number of spam blocked: 0
recipient count of spam blocked: 0

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1TencentCloud1214
2Baidu967
3VNPT-VN806
4TENCENT-CN724
5HINET-NET676
6VIETTEL-VN616
7DIGITALOCEAN-162-243-0-0453
8CHINANET-JS430
9ALISOFT422
10CHINANET-GD414

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry/Region# of suspected botnet IPs
1China8053
2United States3937
3Viet Nam2022
4Russian Federation1999
5India1030
6France982
7Taiwan897
8Indonesia872
9South Korea642
10Thailand563

The top 10 TCP ports, ordered by number of connection attempts received are:

RankTCP port number# of connection attempts received
150381249919
27070361274
32048294454
41024186948
5123173843
66000114437
74022114417
81110105948
9600697470
10162296639
Labels:
Posted by at No comments:

Suspected Bot List [2020-04-12]

detection period: 2020-04-12 00:00-23:59 UTC
number of suspected bots' IPs listed here: 1585

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:


country codeIP addressCountry

List from SSH probes:

country codeIP addressCountry

List from TCP port scans:
Read more »
Labels:
Posted by at No comments:

Sunday, April 12, 2020

Botnet Statistics [2020-04-11]

detection period: 2020-04-11 00:00-23:59 UTC
total number of suspected botnet IPs: 30277
number of botnet IPs notified to network operators (best case, if all mail were sent out successfully): 28833
number of spam blocked: 0
recipient count of spam blocked: 0

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1TencentCloud1138
2Baidu916
3VNPT-VN789
4TENCENT-CN689
5HINET-NET620
6VIETTEL-VN560
7ALISOFT499
8DIGITALOCEAN-162-243-0-0445
9CHINANET-JS424
10CHINANET-GD395

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry/Region# of suspected botnet IPs
1China7727
2United States3683
3Viet Nam1920
4Russian Federation1702
5France951
6India940
7Taiwan813
8Indonesia739
9South Korea592
10Thailand562

The top 10 TCP ports, ordered by number of connection attempts received are:

RankTCP port number# of connection attempts received
17070792720
25038564118
32048245577
41024220421
54022205769
6123123826
72284347
844576397
9777770557
10132266081
Labels:
Posted by at No comments:

Suspected Bot List [2020-04-11]

detection period: 2020-04-11 00:00-23:59 UTC
number of suspected bots' IPs listed here: 1444

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:


country codeIP addressCountry

List from SSH probes:

country codeIP addressCountry

List from TCP port scans:
Read more »
Labels:
Posted by at No comments:

Saturday, April 11, 2020

Botnet Statistics [2020-04-10]

detection period: 2020-04-10 00:00-23:59 UTC
total number of suspected botnet IPs: 30607
number of botnet IPs notified to network operators (best case, if all mail were sent out successfully): 29124
number of spam blocked: 0
recipient count of spam blocked: 0

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1TencentCloud1185
2Baidu948
3VNPT-VN861
4TENCENT-CN703
5HINET-NET555
6VIETTEL-VN492
7DIGITALOCEAN-162-243-0-0457
8CHINANET-JS402
9ALISOFT392
10CHINANET-GD385

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry/Region# of suspected botnet IPs
1China7690
2United States3678
3Russian Federation1924
4Viet Nam1914
5India1011
6France960
7Taiwan728
8Thailand700
9Indonesia676
10South Korea600

The top 10 TCP ports, ordered by number of connection attempts received are:

RankTCP port number# of connection attempts received
150381572708
27070336563
31234196060
42048160961
5123152346
61024141454
7402285870
844584833
9700083040
10777764948
Labels:
Posted by at No comments:

Suspected Bot List [2020-04-10]

detection period: 2020-04-10 00:00-23:59 UTC
number of suspected bots' IPs listed here: 1483

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:


country codeIP addressCountry

List from SSH probes:

country codeIP addressCountry

List from TCP port scans:
Read more »
Labels:
Posted by at No comments:

Friday, April 10, 2020

Botnet Statistics [2020-04-09]

detection period: 2020-04-09 00:00-23:59 UTC
total number of suspected botnet IPs: 32587
number of botnet IPs notified to network operators (best case, if all mail were sent out successfully): 31035
number of spam blocked: 0
recipient count of spam blocked: 0

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1TencentCloud1230
2Baidu972
3VNPT-VN919
4TENCENT-CN726
5HINET-NET601
6VIETTEL-VN585
7ALISOFT474
8DIGITALOCEAN-162-243-0-0454
9CHINANET-GD428
10CHINANET-JS390

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry/Region# of suspected botnet IPs
1China8084
2United States3870
3Viet Nam2043
4Russian Federation2013
5India1062
6France1027
7Indonesia968
8Taiwan782
9Thailand664
10South Korea638

The top 10 TCP ports, ordered by number of connection attempts received are:

RankTCP port number# of connection attempts received
12048166178
25038159083
31024141835
4123109386
544595201
6402274755
72370895
8777767041
9444460986
102259269
Labels:
Posted by at No comments:

Suspected Bot List [2020-04-09]

detection period: 2020-04-09 00:00-23:59 UTC
number of suspected bots' IPs listed here: 1552

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:


country codeIP addressCountry

List from SSH probes:

country codeIP addressCountry

List from TCP port scans:
Read more »
Labels:
Posted by at No comments:

Thursday, April 9, 2020

Botnet Statistics [2020-04-08]

detection period: 2020-04-08 00:00-23:59 UTC
total number of suspected botnet IPs: 31637
number of botnet IPs notified to network operators (best case, if all mail were sent out successfully): 29991
number of spam blocked: 0
recipient count of spam blocked: 0

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1TencentCloud1099
2Baidu935
3VNPT-VN918
4TENCENT-CN655
5HINET-NET644
6VIETTEL-VN597
7ALISOFT496
8DIGITALOCEAN-162-243-0-0454
9CHINANET-GD418
10CHINANET-JS379

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry/Region# of suspected botnet IPs
1China7637
2United States3642
3Russian Federation2030
4Viet Nam2029
5India1069
6Indonesia934
7France888
8Taiwan844
9Thailand721
10South Korea574

The top 10 TCP ports, ordered by number of connection attempts received are:

RankTCP port number# of connection attempts received
15038367328
27070193690
32048179654
4123158050
51024157087
65486121625
7888898323
844597733
9999987534
10444486318
Labels:
Posted by at No comments:

Suspected Bot List [2020-04-08]

detection period: 2020-04-08 00:00-23:59 UTC
number of suspected bots' IPs listed here: 1646

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:


country codeIP addressCountry

List from SSH probes:

country codeIP addressCountry

List from TCP port scans:
Read more »
Labels:
Posted by at No comments:

Wednesday, April 8, 2020

Botnet Statistics [2020-04-07]

detection period: 2020-04-07 00:00-23:59 UTC
total number of suspected botnet IPs: 31688
number of botnet IPs notified to network operators (best case, if all mail were sent out successfully): 30009
number of spam blocked: 0
recipient count of spam blocked: 0

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1TencentCloud1115
2Baidu944
3VNPT-VN848
4TENCENT-CN664
5VIETTEL-VN662
6HINET-NET625
7DIGITALOCEAN-7455
8CHINANET-JS398
9CHINANET-GD390
10KORNET347

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry/Region# of suspected botnet IPs
1China7611
2United States3594
3Viet Nam2064
4Russian Federation2039
5India1083
6Indonesia1023
7France909
8Taiwan831
9Thailand690
10South Korea621

The top 10 TCP ports, ordered by number of connection attempts received are:

RankTCP port number# of connection attempts received
15038228328
21024205180
32048173795
4123154759
5402283117
644571879
7444470980
8777770967
92264432
10125062789
Labels:
Posted by at No comments:
Subscribe to: Posts (Atom)