Custom Search

Thursday, March 31, 2011

Botnet Statistics [2011-03-30]

detection period: 2011-03-30 00:00-23:59 UTC
total number of suspected botnet IPs: 2271
number of botnet IPs notified to network operators: 1775
number of blocked spams: 60980
recipient count of blocked spams: 1244078

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET345
2UNICOM-HA163
3CHINANET-GD146
4UNICOM-GD90
5BSNLNET58
6TELKOMNET44
7CHINANET-JS40
8PTCL39
9CTTNET38
10CRTC36

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China690
2Taiwan353
3Brazil177
4India135
5Indonesia97
6Russian Federation82
7United States47
8Viet Nam45
9Pakistan42
10Kazakhstan42

Wednesday, March 30, 2011

Botnet Statistics [2011-03-29]

detection period: 2011-03-29 00:00-23:59 UTC
total number of suspected botnet IPs: 1645
number of botnet IPs notified to network operators: 1296
number of blocked spams: 46978
recipient count of blocked spams: 923431

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET188
2UNICOM-HA177
3CHINANET-GD151
4UNICOM-GD107
5CRTC36
6CHINANET-JS35
7CTTNET34
8BSNLNET33
9TELKOMNET30
10UNICOM-SD20

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China676
2Taiwan195
3India90
4Brazil86
5Russian Federation59
6Indonesia59
7Colombia39
8United States34
9Kazakhstan32
10Poland23

Tuesday, March 29, 2011

Botnet Statistics [2011-03-28]

detection period: 2011-03-28 00:00-23:59 UTC
total number of suspected botnet IPs: 1430
number of botnet IPs notified to network operators: 1152
number of blocked spams: 52658
recipient count of blocked spams: 1010887

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1CHINANET-GD176
2UNICOM-HA142
3UNICOM-GD112
4HINET-NET106
5CRTC40
6BSNLNET29
7CTTNET28
8UNICOM-SD21
9CHINANET-JS18
10VNPT-VNNIC-VN17

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China683
2Taiwan113
3Brazil92
4India62
5Russian Federation50
6Indonesia35
7United States33
8Colombia29
9Kazakhstan28
10South Korea25

Monday, March 28, 2011

Botnet Statistics [2011-03-27]

detection period: 2011-03-27 00:00-23:59 UTC
total number of suspected botnet IPs: 2071
number of botnet IPs notified to network operators: 1478
number of blocked spams: 113050
recipient count of blocked spams: 3183391

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1UNICOM-GD186
2UNICOM-HA164
3CHINANET-GD119
4KORNET-KR56
5CHINANET-JS56
6CRTC43
7BSNLNET39
8002.558.134/0001-5824
9UNICOM-SD22
10CTTNET21

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China791
2Brazil155
3South Korea115
4United States89
5India88
6Russian Federation78
7Argentina38
8Indonesia37
9Kazakhstan36
10Ukraine35

Sunday, March 27, 2011

Botnet Statistics [2011-03-26]

detection period: 2011-03-26 00:00-23:59 UTC
total number of suspected botnet IPs: 2290
number of botnet IPs notified to network operators: 1626
number of blocked spams: 129647
recipient count of blocked spams: 3929129

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1UNICOM-GD168
2UNICOM-HA155
3BSNLNET149
4CHINANET-GD107
5CRTC35
6RCOM34
7CTTNET33
8KORNET-KR31
9CHINANET-JS30
10002.558.134/0001-5828

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China740
2India308
3Brazil171
4United States119
5Russian Federation119
6South Korea55
7Indonesia49
8Viet Nam48
9Kazakhstan46
10Ukraine44

Saturday, March 26, 2011

Botnet Statistics [2011-03-25]

detection period: 2011-03-25 00:00-23:59 UTC
total number of suspected botnet IPs: 2446
number of botnet IPs notified to network operators: 1728
number of blocked spams: 130225
recipient count of blocked spams: 3946090

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1UNICOM-HA164
2UNICOM-GD130
3BSNLNET121
4CHINANET-GD117
5TELKOMNET42
6CRTC36
7RCOM33
8VNPT-VNNIC-VN32
9PTCL29
10NTHAIRNET28

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China734
2India300
3Brazil211
4Russian Federation128
5United States111
6Indonesia79
7South Korea52
8Ukraine49
9Colombia45
10Viet Nam44

Friday, March 25, 2011

Botnet Statistics [2011-03-24]

detection period: 2011-03-24 00:00-23:59 UTC
total number of suspected botnet IPs: 2676
number of botnet IPs notified to network operators: 1921
number of blocked spams: 132010
recipient count of blocked spams: 3983430

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1UNICOM-GD202
2UNICOM-HA150
3CHINANET-GD130
4BSNLNET129
5VNPT-VNNIC-VN52
6RCOM38
7CRTC35
8TELKOMNET33
9UNICOM-BJ32
10CHINANET-JS30

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China847
2India313
3Brazil217
4Russian Federation144
5United States109
6Viet Nam75
7Indonesia72
8Ukraine66
9South Korea53
10Kazakhstan49

Thursday, March 24, 2011

Botnet Statistics [2011-03-23]

detection period: 2011-03-23 00:00-23:59 UTC
total number of suspected botnet IPs: 2676
number of botnet IPs notified to network operators: 1934
number of blocked spams: 90539
recipient count of blocked spams: 2213335

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1UNICOM-GD162
2UNICOM-HA161
3CHINANET-GD138
4HINET-NET137
5BSNLNET74
6UNICOM-BJ37
7000.065.376/0002-6534
8CHINANET-JS32
9PTCL31
10VNPT-VNNIC-VN30

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China795
2Brazil227
3India208
4Taiwan153
5Russian Federation126
6United States113
7Colombia69
8Indonesia66
9South Korea54
10Ukraine49

Wednesday, March 23, 2011

Botnet Statistics [2011-03-22]

detection period: 2011-03-22 00:00-23:59 UTC
total number of suspected botnet IPs: 1960
number of botnet IPs notified to network operators: 1503
number of blocked spams: 59929
recipient count of blocked spams: 1269738

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1UNICOM-GD213
2HINET-NET210
3UNICOM-HA152
4CHINANET-GD120
5BSNLNET40
6CTTNET38
7VNPT-VNNIC-VN29
8CHINANET-JS27
9KORNET-KR25
10CRTC25

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China721
2Taiwan219
3Brazil140
4India131
5Russian Federation89
6South Korea57
7Indonesia47
8Kazakhstan37
9Viet Nam35
10Colombia35

Tuesday, March 22, 2011

Botnet Statistics [2011-03-21]

detection period: 2011-03-21 00:00-23:59 UTC
total number of suspected botnet IPs: 2144
number of botnet IPs notified to network operators: 1674
number of blocked spams: 55764
recipient count of blocked spams: 1074071

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET250
2UNICOM-GD231
3CHINANET-GD157
4UNICOM-HA152
5CTTNET43
6KORNET-KR38
7CHINANET-ZJ-WZ29
8UNICOM-BJ26
9CRTC25
10BSNLNET25

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China822
2Taiwan260
3Brazil143
4India105
5Russian Federation95
6South Korea86
7Indonesia49
8Argentina41
9Viet Nam37
10Kazakhstan36

Monday, March 21, 2011

Botnet Statistics [2011-03-20]

detection period: 2011-03-20 00:00-23:59 UTC
total number of suspected botnet IPs: 1563
number of botnet IPs notified to network operators: 1198
number of blocked spams: 61527
recipient count of blocked spams: 938142

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1CHINANET-GD147
2UNICOM-GD139
3UNICOM-HA133
4HINET-NET112
5CRTC23
6CTTNET22
7CHINANET-JS22
8VNPT-VNNIC-VN19
9UNICOM-BJ19
10TELKOMNET16

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China636
2Taiwan118
3Brazil92
4Russian Federation76
5Indonesia48
6India41
7Kazakhstan34
8Ukraine31
9Viet Nam30
10United States29

Sunday, March 20, 2011

Botnet Statistics [2011-03-19]

detection period: 2011-03-19 00:00-23:59 UTC
total number of suspected botnet IPs: 2200
number of botnet IPs notified to network operators: 1621
number of blocked spams: 123551
recipient count of blocked spams: 3336255

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET312
2UNICOM-HA153
3CHINANET-GD151
4CHINANET-JS38
5BSNLNET36
6CRTC32
7CTTNET27
8UNICOM-BJ26
9BY-BELPAK-2009121025
10VNPT-VNNIC-VN24

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China628
2Taiwan329
3Brazil144
4India122
5Russian Federation102
6United States89
7South Korea53
8Ukraine48
9Kazakhstan46
10Indonesia44

Saturday, March 19, 2011

Botnet Statistics [2011-03-18]

detection period: 2011-03-18 00:00-23:59 UTC
total number of suspected botnet IPs: 2383
number of botnet IPs notified to network operators: 1722
number of blocked spams: 128723
recipient count of blocked spams: 4004834

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET336
2UNICOM-HA148
3CHINANET-GD115
4BSNLNET68
5CHINANET-JS38
6RCOM29
7UNICOM-SD28
8002.558.134/0001-5827
9TELKOMNET25
10CTTNET24

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China593
2Taiwan352
3Brazil181
4India178
5Russian Federation119
6United States116
7Indonesia66
8Kazakhstan55
9Ukraine46
10Colombia41

Friday, March 18, 2011

Botnet Statistics [2011-03-17]

detection period: 2011-03-17 00:00-23:59 UTC
total number of suspected botnet IPs: 2485
number of botnet IPs notified to network operators: 1760
number of blocked spams: 122650
recipient count of blocked spams: 3922234

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1CHINANET-GD173
2UNICOM-HA147
3HINET-NET126
4BSNLNET88
5CHINANET-JS44
6RCOM31
7CRTC29
8002.558.134/0001-5829
9UNICOM-SD27
10033.530.486/0001-2925

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China690
2India203
3Brazil201
4Russian Federation153
5Taiwan144
6United States131
7Indonesia59
8Kazakhstan58
9Ukraine55
10Germany52

Thursday, March 17, 2011

Botnet Statistics [2011-03-16]

detection period: 2011-03-16 00:00-23:59 UTC
total number of suspected botnet IPs: 2348
number of botnet IPs notified to network operators: 1696
number of blocked spams: 167417
recipient count of blocked spams: 5468050

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1CHINANET-GD157
2HINET-NET129
3UNICOM-HA126
4UNICOM-GD101
5CTTNET58
6BSNLNET57
7CHINANET-JS39
8CRTC31
9VNPT-VNNIC-VN28
10076.535.764/0326-9027

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China760
2Brazil199
3India148
4Taiwan144
5Russian Federation130
6United States102
7Kazakhstan55
8South Korea53
9Indonesia53
10Ukraine45

Wednesday, March 16, 2011

Botnet Statistics [2011-03-15]

detection period: 2011-03-15 00:00-23:59 UTC
total number of suspected botnet IPs: 2561
number of botnet IPs notified to network operators: 1829
number of blocked spams: 202522
recipient count of blocked spams: 6550482

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET196
2UNICOM-HA158
3CHINANET-GD145
4UNICOM-GD78
5BSNLNET69
6CHINANET-JS54
7NTHAIRNET41
8TELKOMNET32
9CHINANET-ZJ-WZ31
10000.065.376/0002-6530

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China713
2Brazil217
3Taiwan207
4India175
5United States133
6Russian Federation118
7Indonesia64
8South Korea59
9Kazakhstan57
10Ukraine53

Tuesday, March 15, 2011

Botnet Statistics [2011-03-14]

detection period: 2011-03-14 00:00-23:59 UTC
total number of suspected botnet IPs: 2903
number of botnet IPs notified to network operators: 2268
number of blocked spams: 153965
recipient count of blocked spams: 4779543

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1CHINANET-GD590
2HINET-NET302
3UNICOM-GD179
4UNICOM-HA149
5CHINANET-JS47
6BSNLNET46
7NTHAIRNET41
8CRTC27
9000.065.376/0002-6524
10CTTNET22

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China1244
2Taiwan318
3Brazil170
4United States129
5India126
6Russian Federation102
7Colombia49
8South Korea48
9Indonesia46
10Thailand45

Monday, March 14, 2011

Botnet Statistics [2011-03-13]

detection period: 2011-03-13 00:00-23:59 UTC
total number of suspected botnet IPs: 2534
number of botnet IPs notified to network operators: 2020
number of blocked spams: 135737
recipient count of blocked spams: 4032164

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1CHINANET-GD522
2UNICOM-GD266
3HINET-NET258
4UNICOM-HA91
5CTTNET34
6CRTC33
7UNICOM-SD22
8CAT-BB-NET22
9BSNLNET21
10CHINANET-JS20

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China1167
2Taiwan272
3Brazil144
4United States102
5Russian Federation94
6Thailand65
7India60
8Kazakhstan42
9South Korea41
10Indonesia39

Sunday, March 13, 2011

Botnet Statistics [2011-03-12]

detection period: 2011-03-12 00:00-23:59 UTC
total number of suspected botnet IPs: 3140
number of botnet IPs notified to network operators: 2495
number of blocked spams: 148611
recipient count of blocked spams: 4449931

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1CHINANET-GD627
2UNICOM-GD277
3HINET-NET203
4BSNLNET92
5UNICOM-HA64
6CTTNET46
7002.558.134/0001-5837
8NTHAIRNET28
9CRTC28
10RCOM27

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China1293
2Brazil220
3Taiwan214
4India198
5Russian Federation134
6United States123
7Thailand80
8Ukraine56
9South Korea54
10Indonesia52

Saturday, March 12, 2011

Botnet Statistics for February 2011

Now I detect botnets with both fake open relays and greylisting. I could only detect about 14000 bots in February if greylisting is not used. After all, some spammers might have been driven out of business by my fake open relays, which have been operating for one and a half years now. But the numbers for blocked spams and recipients do not include the number from greylisting, as it gets much less spam mail than fake open relays.

detection period: 2011-02-01 00:00 - 2011-02-28 23:59 UTC
total number of suspected botnet IPs: 39902
number of blocked spams: 5971039
recipient count of blocked spams: 156118318

The top 25 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China11731
2Taiwan5627
3India2838
4Brazil1995
5Viet Nam1698
6Indonesia1684
7Russian Federation1607
8South Korea1059
9Pakistan936
10Ukraine871
11Thailand732
12Belarus697
13Argentina481
14Colombia460
15Kazakhstan450
16United States409
17Peru338
18Poland310
19Germany283
20Romania277
21Saudi Arabia243
22Iran223
23Chile195
24Israel186
25France184

The top 25 countries (as defined by the 2-character country code), ordered by number of blocked spams are:

RankCountry# of blocked spams
1China1652622
2Brazil652219
3Taiwan356441
4India339544
5United States339027
6Russian Federation261236
7Colombia206402
8Indonesia177712
9Poland140927
10South Korea124034
11Thailand120969
12Ukraine88984
13Philippines88518
14France87309
15Germany68682
16Viet Nam66843
17Italy59903
18Spain58577
19Argentina55247
20Mexico50735
21Japan48374
22United Kingdom43967
23Netherlands37509
24Turkey37489
25European Union36650

The top 25 countries (as defined by the 2-character country code), ordered by recipient count of blocked spams are:

Botnet Statistics [2011-03-11]

detection period: 2011-03-11 00:00-23:59 UTC
total number of suspected botnet IPs: 3822
number of botnet IPs notified to network operators: 3059
number of blocked spams: 178006
recipient count of blocked spams: 4145645

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1CHINANET-GD955
2UNICOM-GD262
3HINET-NET221
4BSNLNET90
5UNICOM-HA78
6CTTNET46
7RCOM42
8MTNLISP35
9002.558.157/0001-6234
10CHINANET-JS32

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China1686
2Brazil253
3India252
4Taiwan237
5Russian Federation162
6United States122
7Colombia67
8South Korea66
9Ukraine63
10Thailand63

Friday, March 11, 2011

Botnet Statistics [2011-03-10]

detection period: 2011-03-10 00:00-23:59 UTC
total number of suspected botnet IPs: 4430
number of botnet IPs notified to network operators: 3655
number of blocked spams: 184203
recipient count of blocked spams: 4290730

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1CHINANET-GD1515
2UNICOM-GD253
3HINET-NET228
4UNICOM-HA140
5BSNLNET77
6UNICOM-HN54
7CTTNET46
8CHINANET-JS41
9KORNET-KR38
10002.558.134/0001-5837

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China2352
2Brazil246
3Taiwan239
4India201
5Russian Federation138
6United States106
7Indonesia69
8South Korea68
9Colombia57
10Kazakhstan55

Thursday, March 10, 2011

Botnet Statistics [2011-03-09]

I have no idea of what happened, but the botnet outburst in China continues. More than 1700 bots are located in the Guangdong province.

detection period: 2011-03-09 00:00-23:59 UTC
total number of suspected botnet IPs: 4791
number of botnet IPs notified to network operators: 3905
number of blocked spams: 159926
recipient count of blocked spams: 4180459

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1CHINANET-GD1454
2UNICOM-GD260
3HINET-NET243
4UNICOM-HA148
5BSNLNET115
6VNPT-VNNIC-VN81
7PTCL64
8TELKOMNET58
9KORNET-KR51
10CTTNET47

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China2300
2India265
3Taiwan259
4Brazil200
5Indonesia153
6Russian Federation141
7United States118
8Viet Nam112
9South Korea104
10Pakistan71

Wednesday, March 9, 2011

Botnet Statistics [2011-03-08]

detection period: 2011-03-08 00:00-23:59 UTC
total number of suspected botnet IPs: 4922
number of botnet IPs notified to network operators: 3964
number of blocked spams: 163075
recipient count of blocked spams: 4484551

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1CHINANET-GD1452
2HINET-NET270
3UNICOM-GD240
4UNICOM-HA170
5TELKOMNET110
6PTCL107
7VNPT-VNNIC-VN105
8BSNLNET88
9CTTNET58
10CRTC43

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China2329
2Taiwan287
3India250
4Indonesia235
5Brazil167
6Viet Nam142
7Pakistan122
8Russian Federation120
9United States117
10South Korea112

Tuesday, March 8, 2011

Botnet Statistics [2011-03-07]

China seemed to have a botnet outburst, and more than 2000 bots there were detected.

detection period: 2011-03-07 00:00-23:59 UTC
total number of suspected botnet IPs: 4869
number of botnet IPs notified to network operators: 3883
number of blocked spams: 162050
recipient count of blocked spams: 4625068

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1CHINANET-GD1350
2HINET-NET265
3UNICOM-GD262
4UNICOM-HA181
5VNPT-VNNIC-VN101
6PTCL99
7BSNLNET99
8TELKOMNET66
9KORNET-KR51
10NTHAIRNET41

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China2211
2Taiwan283
3India261
4Brazil181
5Indonesia174
6United States161
7Viet Nam136
8Russian Federation128
9Pakistan117
10South Korea107

Monday, March 7, 2011

Botnet Statistics [2011-03-06]

detection period: 2011-03-06 00:00-23:59 UTC
total number of suspected botnet IPs: 3149
number of botnet IPs notified to network operators: 2470
number of blocked spams: 206087
recipient count of blocked spams: 6033378

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1CHINANET-GD519
2UNICOM-GD265
3HINET-NET263
4UNICOM-HA98
5CHINANET-HN47
6CTTNET42
7UNICOM-HN41
8VNPT-VNNIC-VN33
9CRTC32
10CHINANET-JS30

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China1299
2Taiwan276
3United States234
4Brazil153
5Russian Federation115
6Indonesia83
7India74
8Ukraine65
9South Korea57
10Kazakhstan56

Sunday, March 6, 2011

Botnet Statistics [2011-03-05]

Pakistan jumps to number 4. And it is rare that the country at number 10 has more than 100 bots.

detection period: 2011-03-05 00:00-23:59 UTC
total number of suspected botnet IPs: 4388
number of botnet IPs notified to network operators: 3318
number of blocked spams: 274180
recipient count of blocked spams: 8351998

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1CHINANET-GD665
2HINET-NET274
3UNICOM-GD198
4PTCL182
5VNPT-VNNIC-VN130
6BSNLNET128
7TELKOMNET72
8UNICOM-HA61
9RCOM47
10KORNET-KR47

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China1392
2India323
3Taiwan292
4Pakistan201
5Brazil199
6Indonesia190
7Viet Nam180
8United States171
9Russian Federation150
10South Korea128

Saturday, March 5, 2011

Botnet Statistics [2011-03-04]

detection period: 2011-03-04 00:00-23:59 UTC
total number of suspected botnet IPs: 2831
number of botnet IPs notified to network operators: 2046
number of blocked spams: 299417
recipient count of blocked spams: 9178705

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET254
2CHINANET-GD151
3VNPT-VNNIC-VN95
4BSNLNET91
5TELKOMNET62
6RCOM40
7KORNET-KR40
8CHINANET-JS38
9NTHAIRNET33
10CRTC30

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China548
2Taiwan265
3India251
4Brazil193
5Indonesia172
6Viet Nam135
7Russian Federation116
8United States111
9South Korea94
10Kazakhstan70

How could China cut spam so effectively?

This week I have read many articles talking about one thing: spam from China has greatly reduced. Regularly in the top five just two years ago, China is now ranked at number 18 on IronPort's list of spam-producing countries, and at number 20 according to Sophos. For China, a country with internet population bigger than population of the United States, this is no simple feat. In comparison, the U.S. is still the top-spamming country, according to Sophos.

In fact, IronPort's "finding" has lagged by more than a year. Other groups already pointed out similiar facts long ago, for example:
But most people have no idea how China achieved that. Some refered to an anti-spam initiative in 2006, but it was not until the second half of 2009 when spam from China started to drop off dramatically. Other mentioned the stricter control China put on ".cn" domain registration, but forgot that when talking about spam source, we are only concerned about their IP addresses, which have nothing to do with their domain names. Everyone seems to be a bit clueless, so I might as well give my two cents.

What has caused spam from China to drop did not set out to do so.

Botnet Statistics [2011-03-03]

detection period: 2011-03-03 00:00-23:59 UTC
total number of suspected botnet IPs: 2877
number of botnet IPs notified to network operators: 2026
number of blocked spams: 288739
recipient count of blocked spams: 9025867

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET219
2CHINANET-GD158
3VNPT-VNNIC-VN95
4BSNLNET95
5CTTNET59
6TELKOMNET47
7KORNET-KR47
8NTHAIRNET41
9RCOM34
10076.535.764/0326-9032

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China597
2India239
3Taiwan235
4Brazil222
5United States128
6Indonesia125
7Viet Nam120
8South Korea103
9Russian Federation99
10Colombia64

Thursday, March 3, 2011

Botnet Statistics [2011-03-02]

detection period: 2011-03-02 00:00-23:59 UTC
total number of suspected botnet IPs: 3101
number of botnet IPs notified to network operators: 2260
number of blocked spams: 320500
recipient count of blocked spams: 10450527

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET220
2CHINANET-GD146
3VNPT-VNNIC-VN123
4TELKOMNET87
5BSNLNET74
6KORNET-KR66
7CRTC36
8RCOM33
9PTCL30
10CTTNET29

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China563
2Taiwan235
3Brazil230
4India227
5Indonesia212
6Viet Nam165
7South Korea154
8Russian Federation140
9United States108
10Ukraine89

Wednesday, March 2, 2011

Botnet Statistics [2011-03-01]

detection period: 2011-03-01 00:00-23:59 UTC
total number of suspected botnet IPs: 2144
number of botnet IPs notified to network operators: 1520
number of blocked spams: 326387
recipient count of blocked spams: 11001458

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET214
2CHINANET-GD101
3BSNLNET68
4VNPT-VNNIC-VN48
5TELKOMNET42
6UNICOM-BJ37
7KORNET-KR36
8CHINANET-JS27
9CRTC25
10003.420.926/0002-0524

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China473
2Taiwan228
3India173
4Brazil163
5Indonesia99
6United States88
7Russian Federation87
8South Korea68
9Viet Nam61
10Kazakhstan47

Tuesday, March 1, 2011

Botnet Statistics [2011-02-28]

detection period: 2011-02-28 00:00-23:59 UTC
total number of suspected botnet IPs: 2469
number of botnet IPs notified to network operators: 1811
number of blocked spams: 326980
recipient count of blocked spams: 11094111

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET217
2UNICOM-BJ164
3CHINANET-GD143
4BSNLNET68
5VNPT-VNNIC-VN47
6CRTC35
7TELKOMNET34
8KORNET-KR26
9RCOM24
10CTTNET24

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China617
2Taiwan231
3Brazil195
4India162
5Russian Federation132
6United States104
7Indonesia97
8Viet Nam66
9Ukraine65
10South Korea60