detection period: 2021-11-11 00:00-23:59 UTC
total number of suspected botnet IPs: 19879
number of botnet IPs notified to network operators (best case, if all mail were sent out successfully): 18215
number of spam blocked: 0
recipient count of spam blocked: 0
The top 10 networks (as found in WHOIS), ordered by the number of suspected botnet IPs are:
| Rank | Network | # of suspected botnet IPs |
|---|---|---|
| 1 | ALISOFT | 653 |
| 2 | VNPT-VN | 438 |
| 3 | VIETTEL-VN | 413 |
| 4 | TencentCloud | 368 |
| 5 | HINET-NET | 350 |
| 6 | CMNET | 300 |
| 7 | BSNLNET | 233 |
| 8 | AFRINIC-042005 | 226 |
| 9 | TELKOMNET | 216 |
| 10 | KORNET | 211 |
The top 10 countries (as defined by the 2-character country code), ordered by the number of suspected botnet IPs are:
| Rank | Country/Region | # of suspected botnet IPs |
|---|---|---|
| 1 | China | 3389 |
| 2 | United States | 2573 |
| 3 | India | 1477 |
| 4 | Russian Federation | 1378 |
| 5 | Viet Nam | 1160 |
| 6 | Brazil | 1066 |
| 7 | Indonesia | 697 |
| 8 | Thailand | 532 |
| 9 | Taiwan | 471 |
| 10 | Mexico | 403 |
The top 10 TCP ports, ordered by the number of connection attempts received are:
| Rank | TCP port number | # of connection attempts received |
|---|---|---|
| 1 | 6622 | 168692 |
| 2 | 5522 | 165569 |
| 3 | 5322 | 157739 |
| 4 | 5422 | 151805 |
| 5 | 6522 | 151089 |
| 6 | 6922 | 149312 |
| 7 | 7022 | 148961 |
| 8 | 5122 | 148226 |
| 9 | 6022 | 148127 |
| 10 | 6222 | 144719 |
No comments:
Post a Comment