Custom Search

Saturday, May 27, 2017

Suspected Bot List [2017-05-26]

detection period: 2017-05-26 00:00-23:59 UTC
total number of suspected botnet IPs: 685
number of botnet IPs notified to network operators: 641
number of spam blocked: 19642
recipient count of spam blocked: 39500

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1UNICOM-ZJ141
2CMNET66
3CHINANET-GD51
4WASU41
5VNPT-VNNIC-VN33
6HINET-NET32
7UA-VOLIA-2008040427
8CC-1719
9EONIX-NET-173-232-0-0-1-BLK-618
10HINET16

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China337
2United States98
3Viet Nam51
4Taiwan49
5Ukraine28
6India25
7United Kingdom15
8Poland11
9Estonia10
10Brazil5

Suspected Bot List [2017-05-26]

detection period: 2017-05-26 00:00-23:59 UTC
number of suspected bots' IPs listed here: 44

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
AR186.38.87.100Argentina
AR186.38.87.102Argentina
AR186.56.32.169Argentina
AR200.49.2.123Argentina
IN27.251.2.234India
IN122.165.237.29India
IN122.168.194.53India
MX148.243.192.238Mexico
PK182.191.65.193Pakistan

List from greylisting:

Friday, May 26, 2017

Botnet Statistics [2017-05-25]

detection period: 2017-05-25 00:00-23:59 UTC
total number of suspected botnet IPs: 778
number of botnet IPs notified to network operators: 767
number of spam blocked: 27466
recipient count of spam blocked: 72539

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1UNICOM-ZJ169
2WASU128
3CMNET85
4CHINANET-GD44
5HOSTENGINE35
6UA-VOLIA-2008040429
7UA-VOLIA-2006112428
8MAROSNET-194-67-196-022
9HINET-NET17
10HINET14

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China460
2United States72
3Ukraine72
4Taiwan32
5Russian Federation23
6Viet Nam14
7Turkey13
8Singapore13
9India8
10Italy6