Custom Search

Wednesday, March 29, 2017

Botnet Statistics [2017-03-28]

detection period: 2017-03-28 00:00-23:59 UTC
total number of suspected botnet IPs: 246
number of botnet IPs notified to network operators: 234
number of spam blocked: 2339
recipient count of spam blocked: 39216

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1WASU-BB18
2UNICOM-ZJ16
3CMNET13
4CHINANET-GD9
5UNICOM-GD6
6CHINANET-JS6
7ALISOFT6
8UNICOM-SD5
9UNICOM-BJ5
10Chinafic5

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China147
2Russian Federation16
3United States12
4India7
5Viet Nam6
6South Korea5
7Taiwan4
8Japan4
9Pakistan3
10Mexico3

Suspected Bot List [2017-03-28]

detection period: 2017-03-28 00:00-23:59 UTC
number of suspected bots' IPs listed here: 12

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
TW123.194.225.45Taiwan

List from greylisting:

Tuesday, March 28, 2017

Botnet Statistics [2017-03-27]

detection period: 2017-03-27 00:00-23:59 UTC
total number of suspected botnet IPs: 323
number of botnet IPs notified to network operators: 316
number of spam blocked: 1597
recipient count of spam blocked: 19780

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1UNICOM-ZJ59
2WASU-BB40
3CMNET13
4CHINANET-JS12
5CHINANET-GD10
6CHINANET-AH8
7ALISOFT6
8WASU5
9UNICOM-BJ5
10Chinafic5

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

1China223
2Russian Federation15
3United States14
4South Korea8
5India8
6Ukraine5
7Mexico4
8Taiwan3
9Netherlands2
10Kazakhstan2