Custom Search

Sunday, May 31, 2020

Botnet Statistics [2020-05-30]

detection period: 2020-05-30 00:00-23:59 UTC
total number of suspected botnet IPs: 28801
number of botnet IPs notified to network operators (best case, if all mail were sent out successfully): 27480
number of spam blocked: 0
recipient count of spam blocked: 0

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1TencentCloud1164
2Baidu863
3VNPT-VN706
4TENCENT-CN662
5HINET-NET553
6DIGITALOCEAN-162-243-0-0539
7VIETTEL-VN446
8CHINANET-GD381
9ALISOFT378
10CHINANET-JS354

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry/Region# of suspected botnet IPs
1China7955
2United States3146
3Viet Nam1654
4Russian Federation1571
5India1315
6Brazil1287
7France831
8Indonesia788
9Taiwan712
10South Korea558

The top 10 TCP ports, ordered by number of connection attempts received are:

RankTCP port number# of connection attempts received
17891487147
22001269251
3122208504
4666207519
51212201989
67023194048
72121175317
83131165603
93022115837
1044595493
Labels:
Posted by at No comments:

Suspected Bot List [2020-05-30]

detection period: 2020-05-30 00:00-23:59 UTC
number of suspected bots' IPs listed here: 1321

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:


country codeIP addressCountry

List from SSH probes:

country codeIP addressCountry

List from TCP port scans:
Read more »
Labels:
Posted by at No comments:

Saturday, May 30, 2020

Botnet Statistics [2020-05-29]

detection period: 2020-05-29 00:00-23:59 UTC
total number of suspected botnet IPs: 30433
number of botnet IPs notified to network operators (best case, if all mail were sent out successfully): 28974
number of spam blocked: 0
recipient count of spam blocked: 0

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1TencentCloud1175
2VNPT-VN978
3Baidu876
4TENCENT-CN679
5HINET-NET615
6VIETTEL-VN601
7DIGITALOCEAN-162-243-0-0536
8CHINANET-GD400
9VE-CSVE-LACNIC396
10ALISOFT391

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry/Region# of suspected botnet IPs
1China7822
2United States3121
3Viet Nam2181
4Russian Federation1706
5Brazil1463
6India1421
7Indonesia969
8France841
9Taiwan794
10Thailand630

The top 10 TCP ports, ordered by number of connection attempts received are:

RankTCP port number# of connection attempts received
11212639186
2666629540
3122616123
42121505714
53131484361
62001245868
76969212724
8445141252
93022135590
102022103322
Labels:
Posted by at No comments:

Suspected Bot List [2020-05-29]

detection period: 2020-05-29 00:00-23:59 UTC
number of suspected bots' IPs listed here: 1459

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:


country codeIP addressCountry

List from SSH probes:

country codeIP addressCountry

List from TCP port scans:
Read more »
Labels:
Posted by at No comments:

Friday, May 29, 2020

Botnet Statistics [2020-05-28]

detection period: 2020-05-28 00:00-23:59 UTC
total number of suspected botnet IPs: 30443
number of botnet IPs notified to network operators (best case, if all mail were sent out successfully): 29017
number of spam blocked: 0
recipient count of spam blocked: 0

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1TencentCloud1200
2VNPT-VN1007
3Baidu896
4TENCENT-CN689
5HINET-NET629
6VIETTEL-VN618
7DIGITALOCEAN-162-243-0-0551
8CHINANET-GD418
9ALISOFT391
10CHINANET-JS360

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry/Region# of suspected botnet IPs
1China7917
2United States3285
3Viet Nam2202
4Russian Federation1788
5Brazil1458
6India1274
7Indonesia897
8France843
9Taiwan775
10Thailand653

The top 10 TCP ports, ordered by number of connection attempts received are:

RankTCP port number# of connection attempts received
1666399706
2122396106
31212390558
42121327020
53131308127
63022142897
76969132915
8768131209
9110103191
10202272439
Labels:
Posted by at No comments:

Suspected Bot List [2020-05-28]

detection period: 2020-05-28 00:00-23:59 UTC
number of suspected bots' IPs listed here: 1426

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:


country codeIP addressCountry

List from SSH probes:

country codeIP addressCountry

List from TCP port scans:
Read more »
Labels:
Posted by at No comments:

Thursday, May 28, 2020

Botnet Statistics [2020-05-27]

detection period: 2020-05-27 00:00-23:59 UTC
total number of suspected botnet IPs: 30722
number of botnet IPs notified to network operators (best case, if all mail were sent out successfully): 29324
number of spam blocked: 0
recipient count of spam blocked: 0

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1TencentCloud1214
2VNPT-VN1011
3Baidu896
4TENCENT-CN707
5VIETTEL-VN660
6HINET-NET657
7DIGITALOCEAN-162-243-0-0555
8ALISOFT418
9CMNET404
10CHINANET-GD384

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry/Region# of suspected botnet IPs
1China7895
2United States3275
3Viet Nam2289
4Russian Federation1766
5Brazil1434
6India1259
7Indonesia991
8France860
9Taiwan803
10Thailand642

The top 10 TCP ports, ordered by number of connection attempts received are:

RankTCP port number# of connection attempts received
1666529984
2122491907
31212474152
42121422205
53131385915
6768276167
71100172468
86969167238
92026150951
103022144114
Labels:
Posted by at No comments:

Suspected Bot List [2020-05-27]

detection period: 2020-05-27 00:00-23:59 UTC
number of suspected bots' IPs listed here: 1398

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:


country codeIP addressCountry

List from SSH probes:

country codeIP addressCountry

List from TCP port scans:
Read more »
Labels:
Posted by at No comments:

Wednesday, May 27, 2020

Botnet Statistics [2020-05-26]

detection period: 2020-05-26 00:00-23:59 UTC
total number of suspected botnet IPs: 30109
number of botnet IPs notified to network operators (best case, if all mail were sent out successfully): 28718
number of spam blocked: 0
recipient count of spam blocked: 0

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1TencentCloud1219
2VNPT-VN963
3Baidu889
4TENCENT-CN699
5VIETTEL-VN643
6HINET-NET600
7CHINANET-GD415
8CMNET409
9VE-CSVE-LACNIC400
10DIGITALOCEAN-162-243-0-0385

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry/Region# of suspected botnet IPs
1China7844
2United States3015
3Viet Nam2164
4Russian Federation1875
5Brazil1418
6India1230
7France876
8Indonesia835
9Taiwan757
10Thailand659

The top 10 TCP ports, ordered by number of connection attempts received are:

RankTCP port number# of connection attempts received
111001235151
22029989783
32028966058
42026958949
52027954537
66666428794
76161406346
86060378009
9768277117
103022144401
Labels:
Posted by at No comments:

Suspected Bot List [2020-05-26]

detection period: 2020-05-26 00:00-23:59 UTC
number of suspected bots' IPs listed here: 1391

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:


country codeIP addressCountry

List from SSH probes:

country codeIP addressCountry

List from TCP port scans:
Read more »
Labels:
Posted by at No comments:

Tuesday, May 26, 2020

Botnet Statistics [2020-05-25]

detection period: 2020-05-25 00:00-23:59 UTC
total number of suspected botnet IPs: 30473
number of botnet IPs notified to network operators (best case, if all mail were sent out successfully): 29133
number of spam blocked: 0
recipient count of spam blocked: 0

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1TencentCloud1253
2VNPT-VN966
3Baidu915
4TENCENT-CN726
5HINET-NET625
6VIETTEL-VN602
7DIGITALOCEAN-162-243-0-0540
8CMNET431
9CHINANET-GD411
10ALISOFT400

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry/Region# of suspected botnet IPs
1China8151
2United States3307
3Viet Nam2231
4Russian Federation1781
5Brazil1431
6India1112
7France885
8Taiwan791
9Thailand654
10Indonesia646

The top 10 TCP ports, ordered by number of connection attempts received are:

RankTCP port number# of connection attempts received
1768267834
22026123876
3322120398
41100104392
5445104378
62027100851
7180392831
8202884752
933365746
10202965458
Labels:
Posted by at No comments:

Suspected Bot List [2020-05-25]

detection period: 2020-05-25 00:00-23:59 UTC
number of suspected bots' IPs listed here: 1340

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:


country codeIP addressCountry

List from SSH probes:

country codeIP addressCountry

List from TCP port scans:
Read more »
Labels:
Posted by at No comments:

Monday, May 25, 2020

Botnet Statistics [2020-05-24]

detection period: 2020-05-24 00:00-23:59 UTC
total number of suspected botnet IPs: 29668
number of botnet IPs notified to network operators (best case, if all mail were sent out successfully): 28349
number of spam blocked: 0
recipient count of spam blocked: 0

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1TencentCloud1275
2Baidu947
3TENCENT-CN751
4HINET-NET683
5DIGITALOCEAN-162-243-0-0559
6VNPT-VN541
7ALISOFT493
8CMNET449
9CHINANET-GD428
10KORNET420

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry/Region# of suspected botnet IPs
1China8290
2United States3428
3Russian Federation1600
4Viet Nam1500
5Brazil1342
6India961
7France932
8Taiwan876
9South Korea683
10Indonesia621

The top 10 TCP ports, ordered by number of connection attempts received are:

RankTCP port number# of connection attempts received
111001622164
220261297393
320291288189
420271238355
520281220914
66666559989
76161551354
86060510789
9768277408
10333150110
Labels:
Posted by at No comments:

Suspected Bot List [2020-05-24]

detection period: 2020-05-24 00:00-23:59 UTC
number of suspected bots' IPs listed here: 1319

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:


country codeIP addressCountry

List from SSH probes:

country codeIP addressCountry

List from TCP port scans:
Read more »
Labels:
Posted by at No comments:

Sunday, May 24, 2020

Botnet Statistics [2020-05-23]

detection period: 2020-05-23 00:00-23:59 UTC
total number of suspected botnet IPs: 28547
number of botnet IPs notified to network operators (best case, if all mail were sent out successfully): 27187
number of spam blocked: 0
recipient count of spam blocked: 0

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1TencentCloud1114
2Baidu867
3HINET-NET733
4VNPT-VN719
5TENCENT-CN656
6DIGITALOCEAN-162-243-0-0560
7KORNET538
8VIETTEL-VN462
9CHINANET-GD401
10CMNET381

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry/Region# of suspected botnet IPs
1China7405
2United States2998
3Viet Nam1737
4Russian Federation1511
5Brazil1240
6India1139
7Taiwan933
8France837
9South Korea825
10Indonesia673

The top 10 TCP ports, ordered by number of connection attempts received are:

RankTCP port number# of connection attempts received
11280578045
25038550590
3768278468
4777180128
5333150334
62000111867
7445110980
8223692011
932277739
10221871728
Labels:
Posted by at No comments:

Suspected Bot List [2020-05-23]

detection period: 2020-05-23 00:00-23:59 UTC
number of suspected bots' IPs listed here: 1360

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:


country codeIP addressCountry

List from SSH probes:

country codeIP addressCountry

List from TCP port scans:
Read more »
Labels:
Posted by at No comments:

Saturday, May 23, 2020

Botnet Statistics [2020-05-22]

detection period: 2020-05-22 00:00-23:59 UTC
total number of suspected botnet IPs: 30650
number of botnet IPs notified to network operators (best case, if all mail were sent out successfully): 29143
number of spam blocked: 0
recipient count of spam blocked: 0

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1TencentCloud1141
2VNPT-VN1003
3Baidu881
4TENCENT-CN682
5HINET-NET672
6VIETTEL-VN610
7DIGITALOCEAN-162-243-0-0581
8CMNET399
9VE-CSVE-LACNIC382
10CHINANET-GD381

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry/Region# of suspected botnet IPs
1China7669
2United States3122
3Viet Nam2336
4Russian Federation1864
5India1292
6Taiwan865
7France857
8Indonesia834
9Thailand670
10South Korea570

The top 10 TCP ports, ordered by number of connection attempts received are:

RankTCP port number# of connection attempts received
15038536047
21280253259
3777230739
4445158791
5333150801
62000107744
7221993900
8102492855
9221679904
10338265760
Labels:
Posted by at No comments:

Suspected Bot List [2020-05-22]

detection period: 2020-05-22 00:00-23:59 UTC
number of suspected bots' IPs listed here: 1507

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:


country codeIP addressCountry

List from SSH probes:

country codeIP addressCountry

List from TCP port scans:
Read more »
Labels:
Posted by at No comments:

Friday, May 22, 2020

Botnet Statistics [2020-05-21]

detection period: 2020-05-21 00:00-23:59 UTC
total number of suspected botnet IPs: 31201
number of botnet IPs notified to network operators (best case, if all mail were sent out successfully): 29654
number of spam blocked: 0
recipient count of spam blocked: 0

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1TencentCloud1169
2VNPT-VN1057
3Baidu899
4VIETTEL-VN720
5TENCENT-CN680
6HINET-NET665
7DIGITALOCEAN-162-243-0-0569
8CMNET438
9ALISOFT410
10CHINANET-GD390

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry/Region# of suspected botnet IPs
1China7924
2United States3274
3Viet Nam2498
4Russian Federation1856
5India1304
6Taiwan860
7France843
8Indonesia783
9Thailand765
10South Korea506

The top 10 TCP ports, ordered by number of connection attempts received are:

RankTCP port number# of connection attempts received
15038521741
21110356500
31113318028
41112310890
5622298205
61111292543
72022263060
862256860
92021250942
102023244825
Labels:
Posted by at No comments:

Suspected Bot List [2020-05-21]

detection period: 2020-05-21 00:00-23:59 UTC
number of suspected bots' IPs listed here: 1547

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:


country codeIP addressCountry

List from SSH probes:

country codeIP addressCountry

List from TCP port scans:
Read more »
Labels:
Posted by at No comments:

Thursday, May 21, 2020

Botnet Statistics [2020-05-20]

detection period: 2020-05-20 00:00-23:59 UTC
total number of suspected botnet IPs: 32189
number of botnet IPs notified to network operators (best case, if all mail were sent out successfully): 30531
number of spam blocked: 0
recipient count of spam blocked: 0

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1TencentCloud1175
2VNPT-VN1055
3Baidu890
4HINET-NET772
5VIETTEL-VN728
6TENCENT-CN697
7DIGITALOCEAN-162-243-0-0585
8ALISOFT475
9CMNET462
10KORNET402

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry/Region# of suspected botnet IPs
1China8056
2United States3356
3Viet Nam2470
4Russian Federation1863
5India1242
6Indonesia992
7Taiwan975
8France866
9Thailand745
10South Korea648

The top 10 TCP ports, ordered by number of connection attempts received are:

RankTCP port number# of connection attempts received
15038578270
21024341131
3622295234
462271882
51113260076
61112244855
71111241807
82024237196
91110232880
102023197053
Labels:
Posted by at No comments:

Suspected Bot List [2020-05-20]

detection period: 2020-05-20 00:00-23:59 UTC
number of suspected bots' IPs listed here: 1658

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:


country codeIP addressCountry

List from SSH probes:

country codeIP addressCountry

List from TCP port scans:
Read more »
Labels:
Posted by at No comments:

Wednesday, May 20, 2020

Botnet Statistics [2020-05-19]

detection period: 2020-05-19 00:00-23:59 UTC
total number of suspected botnet IPs: 32520
number of botnet IPs notified to network operators (best case, if all mail were sent out successfully): 30910
number of spam blocked: 0
recipient count of spam blocked: 0

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1TencentCloud1175
2VNPT-VN970
3Baidu940
4HINET-NET878
5TENCENT-CN707
6VIETTEL-VN678
7DIGITALOCEAN-162-243-0-0589
8ALISOFT463
9CMNET451
10CHINANET-GD410

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry/Region# of suspected botnet IPs
1China8491
2United States3454
3Viet Nam2255
4Russian Federation1871
5India1314
6Taiwan1102
7Indonesia989
8France920
9Thailand660
10South Korea546

The top 10 TCP ports, ordered by number of connection attempts received are:

RankTCP port number# of connection attempts received
1622397387
21110375940
362374342
41112364452
51113362247
61111357015
71024344211
82022333038
92025316249
102024298148
Labels:
Posted by at No comments:

Suspected Bot List [2020-05-19]

detection period: 2020-05-19 00:00-23:59 UTC
number of suspected bots' IPs listed here: 1610

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:


country codeIP addressCountry

List from SSH probes:

country codeIP addressCountry

List from TCP port scans:
Read more »
Labels:
Posted by at No comments:

Tuesday, May 19, 2020

Botnet Statistics [2020-05-18]

detection period: 2020-05-18 00:00-23:59 UTC
total number of suspected botnet IPs: 33960
number of botnet IPs notified to network operators (best case, if all mail were sent out successfully): 32292
number of spam blocked: 0
recipient count of spam blocked: 0

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET1483
2TencentCloud1235
3VNPT-VN1083
4Baidu958
5VIETTEL-VN732
6TENCENT-CN729
7DIGITALOCEAN-162-243-0-0591
8CMNET464
9TELKOMNET413
10CHINANET-GD409

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry/Region# of suspected botnet IPs
1China8308
2United States3599
3Viet Nam2445
4Russian Federation1843
5Taiwan1751
6India1278
7Indonesia1147
8France925
9Thailand760
10South Korea615

The top 10 TCP ports, ordered by number of connection attempts received are:

RankTCP port number# of connection attempts received
11111313379
21113294440
31110289047
462280961
51112273197
6622259395
72021255902
82023233515
92024226733
102022218021
Labels:
Posted by at No comments:

Suspected Bot List [2020-05-18]

detection period: 2020-05-18 00:00-23:59 UTC
number of suspected bots' IPs listed here: 1668

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:


country codeIP addressCountry

List from SSH probes:

country codeIP addressCountry

List from TCP port scans:
Read more »
Labels:
Posted by at No comments:

Monday, May 18, 2020

Botnet Statistics [2020-05-17]

detection period: 2020-05-17 00:00-23:59 UTC
total number of suspected botnet IPs: 32243
number of botnet IPs notified to network operators (best case, if all mail were sent out successfully): 30768
number of spam blocked: 0
recipient count of spam blocked: 0

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET1701
2TencentCloud1265
3Baidu968
4TENCENT-CN732
5VNPT-VN637
6DIGITALOCEAN-162-243-0-0600
7VIETTEL-VN533
8KORNET504
9CMNET435
10ALISOFT424

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry/Region# of suspected botnet IPs
1China8265
2United States3742
3Taiwan2032
4Russian Federation1751
5Viet Nam1628
6India982
7France925
8Indonesia818
9South Korea742
10Thailand499

The top 10 TCP ports, ordered by number of connection attempts received are:

RankTCP port number# of connection attempts received
12000115326
244594908
3338267731
4300564299
52255933
6111049731
7111345629
8202143684
9202442511
10111141966
Labels:
Posted by at No comments:

Suspected Bot List [2020-05-17]

detection period: 2020-05-17 00:00-23:59 UTC
number of suspected bots' IPs listed here: 1475

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:


country codeIP addressCountry

List from SSH probes:

country codeIP addressCountry

List from TCP port scans:
Read more »
Labels:
Posted by at No comments:

Sunday, May 17, 2020

Botnet Statistics [2020-05-16]

detection period: 2020-05-16 00:00-23:59 UTC
total number of suspected botnet IPs: 31380
number of botnet IPs notified to network operators (best case, if all mail were sent out successfully): 29886
number of spam blocked: 0
recipient count of spam blocked: 0

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET1459
2TencentCloud1121
3Baidu886
4VNPT-VN793
5TENCENT-CN649
6VIETTEL-VN619
7DIGITALOCEAN-162-243-0-0606
8KORNET452
9MSFT409
10CHINANET-GD404

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry/Region# of suspected botnet IPs
1China7553
2United States3959
3Viet Nam1941
4Taiwan1761
5Russian Federation1629
6India1137
7France866
8Indonesia853
9South Korea716
10Thailand475

The top 10 TCP ports, ordered by number of connection attempts received are:

RankTCP port number# of connection attempts received
1622411743
21111397400
31110365328
462360846
51113357291
61112350261
72022340607
82024329072
92025315816
102023288488
Labels:
Posted by at No comments:

Suspected Bot List [2020-05-16]

detection period: 2020-05-16 00:00-23:59 UTC
number of suspected bots' IPs listed here: 1494

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:


country codeIP addressCountry

List from SSH probes:

country codeIP addressCountry

List from TCP port scans:
Read more »
Labels:
Posted by at No comments:

Saturday, May 16, 2020

Botnet Statistics [2020-05-15]

detection period: 2020-05-15 00:00-23:59 UTC
total number of suspected botnet IPs: 33063
number of botnet IPs notified to network operators (best case, if all mail were sent out successfully): 31455
number of spam blocked: 0
recipient count of spam blocked: 0

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET1457
2TencentCloud1129
3VNPT-VN1025
4Baidu904
5VIETTEL-VN745
6TENCENT-CN661
7DIGITALOCEAN-162-243-0-0605
8KORNET452
9ALISOFT447
10CHINANET-JS378

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry/Region# of suspected botnet IPs
1China7678
2United States3696
3Viet Nam2398
4Russian Federation1730
5Taiwan1725
6India1238
7Indonesia1073
8France876
9South Korea694
10Thailand664

The top 10 TCP ports, ordered by number of connection attempts received are:

RankTCP port number# of connection attempts received
162375829
21110351984
31113329050
41112328302
51111309195
6622288765
72024247849
82022237571
92021231770
102025220337
Labels:
Posted by at No comments:

Suspected Bot List [2020-05-15]

detection period: 2020-05-15 00:00-23:59 UTC
number of suspected bots' IPs listed here: 1505

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:


country codeIP addressCountry

List from SSH probes:

country codeIP addressCountry

List from TCP port scans:
Read more »
Labels:
Posted by at No comments:

Friday, May 15, 2020

Botnet Statistics [2020-05-14]

detection period: 2020-05-14 00:00-23:59 UTC
total number of suspected botnet IPs: 33063
number of botnet IPs notified to network operators (best case, if all mail were sent out successfully): 31455
number of spam blocked: 0
recipient count of spam blocked: 0

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET1417
2TencentCloud1143
3VNPT-VN982
4Baidu917
5VIETTEL-VN773
6TENCENT-CN686
7DIGITALOCEAN-162-243-0-0586
8KORNET420
9ALISOFT420
10CHINANET-GD391

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry/Region# of suspected botnet IPs
1China7777
2United States3501
3Viet Nam2381
4Russian Federation1808
5Taiwan1718
6India1276
7Indonesia1059
8France893
9Thailand746
10South Korea652

The top 10 TCP ports, ordered by number of connection attempts received are:

RankTCP port number# of connection attempts received
1115171086
2114153526
3102152224
4107150294
5445149748
6104148908
7101143667
8100142450
9109140304
10112137432
Labels:
Posted by at No comments:

Suspected Bot List [2020-05-14]

detection period: 2020-05-14 00:00-23:59 UTC
number of suspected bots' IPs listed here: 1608

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:


country codeIP addressCountry

List from SSH probes:

country codeIP addressCountry

List from TCP port scans:
Read more »
Labels:
Posted by at No comments:

Thursday, May 14, 2020

Botnet Statistics [2020-05-13]

detection period: 2020-05-13 00:00-23:59 UTC
total number of suspected botnet IPs: 34430
number of botnet IPs notified to network operators (best case, if all mail were sent out successfully): 32787
number of spam blocked: 0
recipient count of spam blocked: 0

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET1553
2TencentCloud1181
3VNPT-VN1117
4Baidu938
5VIETTEL-VN823
6TENCENT-CN703
7DIGITALOCEAN-162-243-0-0617
8KORNET426
9ALISOFT425
10CHINANET-GD409

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry/Region# of suspected botnet IPs
1China8087
2United States3588
3Viet Nam2614
4Russian Federation1872
5Taiwan1862
6India1299
7Indonesia1131
8France940
9Thailand721
10South Korea696

The top 10 TCP ports, ordered by number of connection attempts received are:

RankTCP port number# of connection attempts received
12012199670
2106194637
32018180538
4100171086
52019171061
62016170257
7107165630
8101164127
9105163938
10114162479
Labels:
Posted by at No comments:

Suspected Bot List [2020-05-13]

detection period: 2020-05-13 00:00-23:59 UTC
number of suspected bots' IPs listed here: 1643

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:


country codeIP addressCountry

List from SSH probes:

country codeIP addressCountry

List from TCP port scans:
Read more »
Labels:
Posted by at No comments:

Wednesday, May 13, 2020

Botnet Statistics [2020-05-12]

detection period: 2020-05-12 00:00-23:59 UTC
total number of suspected botnet IPs: 35397
number of botnet IPs notified to network operators (best case, if all mail were sent out successfully): 33717
number of spam blocked: 0
recipient count of spam blocked: 0

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET1685
2TencentCloud1172
3VNPT-VN1127
4Baidu955
5VIETTEL-VN789
6TENCENT-CN713
7DIGITALOCEAN-162-243-0-0616
8CHINANET-AH551
9ALISOFT454
10TELKOMNET438

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry/Region# of suspected botnet IPs
1China8549
2United States3678
3Viet Nam2636
4Taiwan1993
5Russian Federation1906
6India1456
7Indonesia1240
8France919
9Thailand781
10Brazil633

The top 10 TCP ports, ordered by number of connection attempts received are:

RankTCP port number# of connection attempts received
12013214048
22015211503
3102205494
42017200793
5103182748
6101172119
72016165936
8104164084
9114159854
101024159658
Labels:
Posted by at No comments:

Suspected Bot List [2020-05-12]

detection period: 2020-05-12 00:00-23:59 UTC
number of suspected bots' IPs listed here: 1680

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:


country codeIP addressCountry

List from SSH probes:

country codeIP addressCountry

List from TCP port scans:
Read more »
Labels:
Posted by at No comments:

Tuesday, May 12, 2020

Botnet Statistics [2020-05-11]

detection period: 2020-05-11 00:00-23:59 UTC
total number of suspected botnet IPs: 34372
number of botnet IPs notified to network operators (best case, if all mail were sent out successfully): 32788
number of spam blocked: 0
recipient count of spam blocked: 0

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1TencentCloud1243
2HINET-NET1159
3VNPT-VN1137
4Baidu971
5VIETTEL-VN761
6TENCENT-CN742
7DIGITALOCEAN-162-243-0-0630
8ALISOFT488
9TELKOMNET418
10CHINANET-JS417

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry/Region# of suspected botnet IPs
1China8396
2United States3848
3Viet Nam2583
4Russian Federation1733
5India1507
6Taiwan1406
7Indonesia1237
8France940
9Brazil693
10Thailand533

The top 10 TCP ports, ordered by number of connection attempts received are:

RankTCP port number# of connection attempts received
1114237107
2105205969
3115199527
4100198509
5107193773
6101189676
7106184654
8108175349
9123173361
10109170075
Labels:
Posted by at No comments:

Suspected Bot List [2020-05-11]

detection period: 2020-05-11 00:00-23:59 UTC
number of suspected bots' IPs listed here: 1584

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:


country codeIP addressCountry

List from SSH probes:

country codeIP addressCountry

List from TCP port scans:
Read more »
Labels:
Posted by at No comments:

Monday, May 11, 2020

Botnet Statistics [2020-05-10]

detection period: 2020-05-10 00:00-23:59 UTC
total number of suspected botnet IPs: 32533
number of botnet IPs notified to network operators (best case, if all mail were sent out successfully): 30971
number of spam blocked: 0
recipient count of spam blocked: 0

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1TencentCloud1253
2HINET-NET1105
3Baidu1000
4TENCENT-CN768
5VNPT-VN691
6DIGITALOCEAN-162-243-0-0632
7VIETTEL-VN555
8ALISOFT507
9CMNET416
10CHINANET-GD408

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry/Region# of suspected botnet IPs
1China8504
2United States4045
3Viet Nam1784
4Russian Federation1756
5Taiwan1363
6India1017
7France957
8Indonesia866
9South Korea562
10Thailand483

The top 10 TCP ports, ordered by number of connection attempts received are:

RankTCP port number# of connection attempts received
1114279608
2108266245
3113218514
4112214175
5109203723
6115201602
72016173416
82013170211
91024169179
10123167051
Labels:
Posted by at No comments:

Suspected Bot List [2020-05-10]

detection period: 2020-05-10 00:00-23:59 UTC
number of suspected bots' IPs listed here: 1562

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:


country codeIP addressCountry

List from SSH probes:

country codeIP addressCountry

List from TCP port scans:
Read more »
Labels:
Posted by at No comments:

Sunday, May 10, 2020

Botnet Statistics [2020-05-09]

detection period: 2020-05-09 00:00-23:59 UTC
total number of suspected botnet IPs: 30400
number of botnet IPs notified to network operators (best case, if all mail were sent out successfully): 28885
number of spam blocked: 0
recipient count of spam blocked: 0

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1TencentCloud1098
2Baidu788
3VNPT-VN761
4HINET-NET724
5TENCENT-CN657
6DIGITALOCEAN-162-243-0-0652
7VIETTEL-VN540
8CHINANET-JS401
9CHINANET-GD369
10ALISOFT354

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry/Region# of suspected botnet IPs
1China7653
2United States3555
3Viet Nam1909
4Russian Federation1737
5India1117
6Taiwan917
7Indonesia911
8France887
9Thailand503
10South Korea496

The top 10 TCP ports, ordered by number of connection attempts received are:

RankTCP port number# of connection attempts received
11024164656
2123163101
31038109312
41036108350
51040106674
61039106415
71042101746
81037100879
91041100415
10402298562
Labels:
Posted by at No comments:

Suspected Bot List [2020-05-09]

detection period: 2020-05-09 00:00-23:59 UTC
number of suspected bots' IPs listed here: 1515

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry

List from greylisting:


country codeIP addressCountry

List from SSH probes:

country codeIP addressCountry

List from TCP port scans:
Read more »
Labels:
Posted by at No comments:

Saturday, May 9, 2020

Botnet Statistics [2020-05-08]

detection period: 2020-05-08 00:00-23:59 UTC
total number of suspected botnet IPs: 32629
number of botnet IPs notified to network operators (best case, if all mail were sent out successfully): 31035
number of spam blocked: 0
recipient count of spam blocked: 0

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1TencentCloud1090
2VNPT-VN993
3Baidu788
4TENCENT-CN665
5DIGITALOCEAN-162-243-0-0654
6HINET-NET579
7VIETTEL-VN530
8CHINANET-JS410
9CHINANET-GD391
10VE-CSVE-LACNIC376

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry/Region# of suspected botnet IPs
1China7773
2United States3573
3Viet Nam2175
4Russian Federation2007
5India1252
6Indonesia901
7France890
8Brazil782
9Taiwan747
10Thailand662

The top 10 TCP ports, ordered by number of connection attempts received are:

RankTCP port number# of connection attempts received
11024162408
2123161115
31031106612
41035104919
51033104192
61034101986
71032101688
8402290465
944584354
102202773115
Labels:
Posted by at No comments:
Subscribe to: Posts (Atom)