detection period: 2021-03-08 00:00-23:59 UTC
total number of suspected botnet IPs: 37711
number of botnet IPs notified to network operators (best case, if all mail were sent out successfully): 34733
number of spam blocked: 0
recipient count of spam blocked: 0
The top 10 networks (as found in WHOIS), ordered by the number of suspected botnet IPs are:
| Rank | Network | # of suspected botnet IPs |
|---|---|---|
| 1 | TencentCloud | 1938 |
| 2 | TENCENT-CN | 782 |
| 3 | VNPT-VN | 758 |
| 4 | VIETTEL-VN | 692 |
| 5 | DIGITALOCEAN-192-241-128-0 | 645 |
| 6 | ALISOFT | 629 |
| 7 | NON-RIPE-NCC-MANAGED-ADDRESS-BLOCK | 613 |
| 8 | BSNLNET | 513 |
| 9 | HINET-NET | 509 |
| 10 | VE-CSVE-LACNIC | 434 |
The top 10 countries (as defined by the 2-character country code), ordered by the number of suspected botnet IPs are:
| Rank | Country/Region | # of suspected botnet IPs |
|---|---|---|
| 1 | China | 9056 |
| 2 | United States | 4662 |
| 3 | India | 2893 |
| 4 | Viet Nam | 2018 |
| 5 | Brazil | 1725 |
| 6 | Russian Federation | 1723 |
| 7 | Indonesia | 1204 |
| 8 | Thailand | 783 |
| 9 | Taiwan | 657 |
| 10 | European Union | 644 |
The top 10 TCP ports, ordered by the number of connection attempts received are:
| Rank | TCP port number | # of connection attempts received |
|---|---|---|
| 1 | 445 | 511739 |
| 2 | 1112 | 264887 |
| 3 | 1125 | 213207 |
| 4 | 1126 | 210770 |
| 5 | 1131 | 210540 |
| 6 | 1132 | 197257 |
| 7 | 1133 | 193051 |
| 8 | 1113 | 140965 |
| 9 | 1202 | 137527 |
| 10 | 1032 | 137383 |
No comments:
Post a Comment