Custom Search

Thursday, July 31, 2014

Suspected Bot List [2014-07-30]

detection period: 2014-07-30 00:00-23:59 UTC
number of suspected bots' IPs listed here: 438

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
AL217.24.253.251Albania
AR200.42.142.234Argentina
EG41.33.169.36Egypt
IN27.5.182.53India
IN59.90.91.95India
IN117.245.95.252India
IN202.62.67.250India
IN203.90.114.228India
IR91.98.147.62Iran
IT31.199.192.20Italy
IT95.227.105.203Italy
IT95.253.67.148Italy
LB194.126.140.247Lebanon
MX201.132.203.42Mexico
PE200.110.35.150Peru
PH58.69.100.234Philippines
RU109.167.201.26Russian Federation
SE80.78.31.131Sweden
SG116.251.209.131Singapore
US50.201.42.106United States
US69.64.32.128United States
US174.139.94.82United States

List from greylisting:

Botnet Statistics [2014-07-30]

detection period: 2014-07-30 00:00-23:59 UTC
total number of suspected botnet IPs: 3411
number of botnet IPs notified to network operators: 2973
number of spam blocked: 95003
recipient count of spam blocked: 2232136

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET1220
2VNPT-VNNIC-VN211
3CHINANET-GD138
4CRTC126
5KORNET-KR71
6PE-TPSA-LACNIC64
7FPT-VN54
8WASU53
9BSNLNET38
10WASU-BB32

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1Taiwan1250
2China518
3Viet Nam351
4South Korea157
5Peru132
6India125
7United States63
8Colombia62
9Brazil59
10Russian Federation49

Wednesday, July 30, 2014

Suspected Bot List [2014-07-29]

detection period: 2014-07-29 00:00-23:59 UTC
number of suspected bots' IPs listed here: 244

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
AL217.24.253.251Albania
AR200.42.142.234Argentina
BD180.211.180.18Bangladesh
EG41.33.169.36Egypt
IN27.5.182.53India
IN59.90.91.95India
IN117.245.95.252India
IN202.62.67.250India
IN203.90.114.228India
IR91.98.147.62Iran
IT31.199.192.20Italy
IT37.186.201.149Italy
IT95.227.105.203Italy
IT95.253.67.148Italy
LB194.126.140.247Lebanon
MX201.132.203.42Mexico
PH58.69.100.234Philippines
RU109.167.201.26Russian Federation
SA94.77.199.148Saudi Arabia
SE80.78.31.131Sweden
SG116.251.209.131Singapore
US50.201.42.106United States
US69.64.32.128United States

List from greylisting:

Botnet Statistics [2014-07-29]

detection period: 2014-07-29 00:00-23:59 UTC
total number of suspected botnet IPs: 2701
number of botnet IPs notified to network operators: 2457
number of spam blocked: 190661
recipient count of spam blocked: 3228227

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET1206
2CRTC121
3CHINANET-GD65
4WASU61
5UNICOM-HN56
6CHINANET-HB51
7VNPT-VNNIC-VN41
8WASU-BB36
9PE-TPSA-LACNIC30
10UNICOM-GD24

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1Taiwan1225
2China569
3India92
4Viet Nam73
5South Korea51
6Peru48
7United States45
8Brazil44
9Russian Federation40
10Argentina33

Tuesday, July 29, 2014

Suspected Bot List [2014-07-28]

detection period: 2014-07-28 00:00-23:59 UTC
number of suspected bots' IPs listed here: 341

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
AL217.24.253.251Albania
AR200.42.142.234Argentina
BD180.211.180.18Bangladesh
EG41.33.169.36Egypt
IN27.5.182.53India
IN117.245.95.252India
IN202.62.67.250India
IN203.90.114.228India
IR91.98.147.62Iran
IT31.199.192.20Italy
IT95.227.105.203Italy
IT95.253.67.148Italy
LB194.126.140.247Lebanon
MX201.132.203.42Mexico
PH58.69.100.234Philippines
RU109.167.201.26Russian Federation
SA94.77.199.148Saudi Arabia
SE80.78.31.131Sweden
SG116.251.209.131Singapore
US50.201.42.106United States
US69.64.32.128United States
US174.139.94.82United States

List from greylisting:

Botnet Statistics [2014-07-28]

detection period: 2014-07-28 00:00-23:59 UTC
total number of suspected botnet IPs: 3193
number of botnet IPs notified to network operators: 2852
number of spam blocked: 74650
recipient count of spam blocked: 2199563

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET1209
2VNPT-VNNIC-VN154
3UNICOM-HN140
4CRTC128
5UNICOM80
6KORNET-KR60
7CHINANET-GD43
8BSNLNET40
9UNICOM-GD37
10BHARTI-IN30

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1Taiwan1236
2China611
3Viet Nam249
4India154
5Russian Federation131
6South Korea125
7United States58
8Argentina45
9Peru40
10United Kingdom28

Monday, July 28, 2014

Suspected Bot List [2014-07-27]

detection period: 2014-07-27 00:00-23:59 UTC
number of suspected bots' IPs listed here: 266

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
AL217.24.253.251Albania
AR200.42.142.234Argentina
BD180.211.180.18Bangladesh
EG41.33.169.36Egypt
IN27.5.182.53India
IN59.90.91.95India
IN117.245.95.252India
IN202.62.67.250India
IN203.90.114.228India
IR91.98.147.62Iran
IT31.199.192.20Italy
IT95.227.105.203Italy
IT95.253.67.148Italy
LB194.126.140.247Lebanon
MX201.132.203.42Mexico
PH58.69.100.234Philippines
RU109.167.201.26Russian Federation
SA94.77.199.148Saudi Arabia
SE80.78.31.131Sweden
SG116.251.209.131Singapore
US50.201.42.106United States
US69.64.32.128United States
US174.139.94.82United States

List from greylisting:

Botnet Statistics [2014-07-27]

detection period: 2014-07-27 00:00-23:59 UTC
total number of suspected botnet IPs: 3051
number of botnet IPs notified to network operators: 2785
number of spam blocked: 106294
recipient count of spam blocked: 2813271

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET1214
2VNPT-VNNIC-VN178
3UNICOM-HN139
4UNICOM90
5CHINANET-GD88
6CRTC66
7KORNET-KR63
8PE-TPSA-LACNIC50
9FPT-VN47
10CHINANET-HB36

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1Taiwan1242
2China586
3Viet Nam299
4South Korea133
5Peru91
6India55
7United States42
8Argentina36
9Brazil33
10Poland30

Sunday, July 27, 2014

Suspected Bot List [2014-07-26]

detection period: 2014-07-26 00:00-23:59 UTC
number of suspected bots' IPs listed here: 320

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
AL217.24.253.251Albania
AR200.42.142.234Argentina
BD180.211.180.18Bangladesh
EG41.33.169.36Egypt
GB176.35.77.154United Kingdom
IN27.5.182.53India
IN59.90.91.95India
IN117.245.95.252India
IN202.62.67.250India
IN203.90.114.228India
IR91.98.147.62Iran
IT31.199.192.20Italy
IT37.186.201.149Italy
IT95.227.105.203Italy
IT95.253.67.148Italy
LB194.126.140.247Lebanon
MX201.132.203.42Mexico
PH58.69.100.234Philippines
RU109.167.201.26Russian Federation
SA94.77.199.148Saudi Arabia
SE80.78.31.131Sweden
SG116.251.209.131Singapore
US50.201.42.106United States
US69.64.32.128United States
US174.139.94.82United States
VE190.202.116.101Venezuela

List from greylisting:

Botnet Statistics [2014-07-26]

detection period: 2014-07-26 00:00-23:59 UTC
total number of suspected botnet IPs: 3093
number of botnet IPs notified to network operators: 2773
number of spam blocked: 107433
recipient count of spam blocked: 2965292

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET1204
2UNICOM-HN156
3CHINANET-GD140
4VNPT-VNNIC-VN117
5UNICOM100
6CRTC63
7KORNET-KR58
8CHINANET-HB32
9VIETEL-VNNIC-VN27
10PE-TPSA-LACNIC27

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1Taiwan1227
2China624
3Viet Nam214
4South Korea117
5India83
6Russian Federation76
7Argentina66
8Peru60
9United States52
10Brazil40

Saturday, July 26, 2014

Suspected Bot List [2014-07-25]

detection period: 2014-07-25 00:00-23:59 UTC
number of suspected bots' IPs listed here: 280

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
AL217.24.253.251Albania
AR200.42.142.234Argentina
BD180.211.180.18Bangladesh
EG41.33.169.36Egypt
IN27.5.182.53India
IN117.245.95.252India
IN202.62.67.250India
IN203.90.114.228India
IR91.98.147.62Iran
IT31.199.192.20Italy
IT95.227.105.203Italy
IT95.253.67.148Italy
LB194.126.140.247Lebanon
MX201.132.203.42Mexico
PH58.69.100.234Philippines
RU109.167.201.26Russian Federation
SA94.77.199.148Saudi Arabia
SE80.78.31.131Sweden
SG116.251.209.131Singapore
US50.201.42.106United States
US69.64.32.128United States
US174.139.94.82United States

List from greylisting:

Botnet Statistics [2014-07-25]

detection period: 2014-07-25 00:00-23:59 UTC
total number of suspected botnet IPs: 2909
number of botnet IPs notified to network operators: 2629
number of spam blocked: 136492
recipient count of spam blocked: 3439076

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET1202
2CHINANET-GD164
3VNPT-VNNIC-VN111
4CRTC68
5WASU52
6UNICOM-GD39
7KORNET-KR36
8WASU-BB35
9PE-TPSA-LACNIC29
10FPT-VN27

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1Taiwan1228
2China519
3Viet Nam188
4South Korea97
5Russian Federation63
6Brazil57
7India56
8Argentina56
9United States52
10Peru51

Friday, July 25, 2014

Suspected Bot List [2014-07-24]

detection period: 2014-07-24 00:00-23:59 UTC
number of suspected bots' IPs listed here: 298

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
AL217.24.253.251Albania
AR200.42.142.234Argentina
BD180.211.180.18Bangladesh
EG41.33.169.36Egypt
IN27.5.182.53India
IN117.245.95.252India
IN125.17.32.130India
IN202.62.67.250India
IN203.90.114.228India
IR91.98.147.62Iran
IT31.199.192.20Italy
IT95.227.105.203Italy
LB194.126.140.247Lebanon
MX201.132.203.42Mexico
PH58.69.100.234Philippines
RU109.167.201.26Russian Federation
SA94.77.199.148Saudi Arabia
SE80.78.31.131Sweden
SG116.251.209.131Singapore
US50.201.42.106United States
US69.64.32.128United States
US174.139.94.82United States

List from greylisting:

Botnet Statistics [2014-07-24]

detection period: 2014-07-24 00:00-23:59 UTC
total number of suspected botnet IPs: 2773
number of botnet IPs notified to network operators: 2475
number of spam blocked: 134720
recipient count of spam blocked: 3472653

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET1202
2UNICOM-HN80
3VNPT-VNNIC-VN74
4WASU73
5CRTC53
6WASU-BB37
7UNICOM-ZJ34
8CHINANET-GD33
9UNICOM31
10PE-TPSA-LACNIC31

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1Taiwan1219
2China526
3Viet Nam122
4Russian Federation89
5India72
6Peru70
7Argentina53
8Colombia48
9Brazil47
10South Korea46

Thursday, July 24, 2014

Suspected Bot List [2014-07-23]

detection period: 2014-07-23 00:00-23:59 UTC
number of suspected bots' IPs listed here: 299

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
AL217.24.253.251Albania
AR200.42.142.234Argentina
BD180.211.180.18Bangladesh
EG41.33.169.36Egypt
HN190.107.140.77Honduras
IN27.5.182.53India
IN117.245.95.252India
IN125.17.32.130India
IN202.62.67.250India
IN203.90.114.228India
IR91.98.147.62Iran
IT31.199.192.20Italy
IT95.227.105.203Italy
LB194.126.140.247Lebanon
MX201.132.203.42Mexico
PE200.110.35.150Peru
PH58.69.100.234Philippines
RU109.167.201.26Russian Federation
SA94.77.199.148Saudi Arabia
SE80.78.31.131Sweden
SG116.251.209.131Singapore
US50.201.42.106United States
US69.64.32.128United States
US174.139.94.82United States

List from greylisting:

Botnet Statistics [2014-07-23]

detection period: 2014-07-23 00:00-23:59 UTC
total number of suspected botnet IPs: 3075
number of botnet IPs notified to network operators: 2776
number of spam blocked: 100799
recipient count of spam blocked: 2560543

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET1218
2UNICOM-ZJ156
3CRTC122
4VNPT-VNNIC-VN88
5WASU81
6WASU-BB58
7CHINANET-HB57
8UNICOM-HN48
9CHINANET-GD46
10UNICOM-GD38

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1Taiwan1233
2China820
3Viet Nam132
4India76
5Russian Federation74
6United States64
7Brazil56
8Argentina56
9Peru52
10South Korea50

Wednesday, July 23, 2014

Suspected Bot List [2014-07-22]

detection period: 2014-07-22 00:00-23:59 UTC
number of suspected bots' IPs listed here: 255

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
AL217.24.253.251Albania
BD180.211.180.18Bangladesh
CL200.111.103.74Chile
HN190.107.140.77Honduras
IN27.5.182.53India
IN117.245.95.252India
IN117.247.108.70India
IN203.90.114.228India
IT31.199.192.20Italy
IT95.227.105.203Italy
MX201.116.227.163Mexico
MX201.132.203.42Mexico
NG193.238.29.148Nigeria
PE200.110.35.150Peru
PH58.69.100.234Philippines
PH121.97.123.89Philippines
RU109.167.201.26Russian Federation
SA94.77.199.148Saudi Arabia
SG116.251.209.131Singapore
TR193.255.143.62Turkey
TR193.255.143.63Turkey
US50.201.42.106United States
US69.64.32.128United States

List from greylisting:

Botnet Statistics [2014-07-22]

detection period: 2014-07-22 00:00-23:59 UTC
total number of suspected botnet IPs: 2827
number of botnet IPs notified to network operators: 2572
number of spam blocked: 98755
recipient count of spam blocked: 2505816

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET1231
2CRTC102
3CHINANET-HB80
4UNICOM-HN72
5WASU67
6UNICOM58
7UNICOM-ZJ52
8CHINANET-GD52
9WASU-BB45
10VNPT-VNNIC-VN31

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1Taiwan1239
2China743
3Russian Federation84
4Argentina62
5Brazil61
6Viet Nam54
7Peru45
8United States39
9Colombia35
10India33

Tuesday, July 22, 2014

Suspected Bot List [2014-07-21]

detection period: 2014-07-21 00:00-23:59 UTC
number of suspected bots' IPs listed here: 182

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
AL217.24.253.251Albania
AR200.42.142.234Argentina
BD180.211.180.18Bangladesh
CL200.111.103.74Chile
CO190.60.39.186Colombia
EG41.33.169.36Egypt
GB176.35.77.154United Kingdom
HN190.107.140.77Honduras
IN27.5.182.53India
IN59.90.91.95India
IN117.245.95.252India
IN117.247.108.70India
IN202.62.67.250India
IN203.90.114.228India
IR94.182.162.242Iran
IT31.199.192.20Italy
IT37.186.201.149Italy
IT95.227.105.203Italy
IT95.253.67.148Italy
LB194.126.140.247Lebanon
MX201.116.227.163Mexico
MX201.132.203.42Mexico
NG193.238.29.148Nigeria
PE200.110.35.150Peru
PH58.69.100.234Philippines
PH121.97.123.89Philippines
PK202.83.170.91Pakistan
RU109.167.201.26Russian Federation
SA94.77.199.148Saudi Arabia
SG112.140.185.208Singapore
SG116.251.209.131Singapore
TR193.255.143.62Turkey
TR193.255.143.63Turkey
US50.201.42.106United States
US69.64.32.128United States
US174.139.180.186United States
VE190.202.116.101Venezuela
ZW41.220.28.138Zimbabwe

List from greylisting:

Botnet Statistics [2014-07-21]

detection period: 2014-07-21 00:00-23:59 UTC
total number of suspected botnet IPs: 2894
number of botnet IPs notified to network operators: 2713
number of spam blocked: 95485
recipient count of spam blocked: 3148670

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET1186
2CRTC158
3WASU108
4UNICOM-ZJ100
5CHINANET-GD98
6WASU-BB67
7VNPT-VNNIC-VN59
8KORNET-KR32
9CHINANET-HB28
10UNICOM25

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1Taiwan1203
2China856
3Viet Nam105
4Russian Federation64
5Brazil54
6United States50
7South Korea49
8India37
9Italy34
10Indonesia32

Monday, July 21, 2014

Suspected Bot List [2014-07-20]

detection period: 2014-07-20 00:00-23:59 UTC
number of suspected bots' IPs listed here: 135

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
AL217.24.253.251Albania
AR200.42.142.234Argentina
BD180.211.180.18Bangladesh
CL200.111.103.74Chile
CO190.60.39.186Colombia
EG41.33.169.36Egypt
GB176.35.77.154United Kingdom
HN190.107.140.77Honduras
IN59.90.91.95India
IN117.245.95.252India
IN125.17.32.130India
IN202.62.67.250India
IN203.90.114.228India
IR91.98.147.62Iran
IR94.182.162.242Iran
IT37.186.201.149Italy
IT95.227.105.203Italy
IT95.253.67.148Italy
LB194.126.140.247Lebanon
MX201.116.227.163Mexico
MX201.132.203.42Mexico
PH58.69.100.234Philippines
PK202.83.170.91Pakistan
RU109.167.201.26Russian Federation
SA94.77.199.148Saudi Arabia
SE80.78.31.131Sweden
SG116.251.209.131Singapore
TR193.255.143.62Turkey
TR193.255.143.63Turkey
US50.201.42.106United States
US69.64.32.128United States
US174.139.180.186United States
US199.217.113.176United States
VE190.202.116.101Venezuela
ZW41.220.28.138Zimbabwe

List from greylisting:

Botnet Statistics [2014-07-20]

detection period: 2014-07-20 00:00-23:59 UTC
total number of suspected botnet IPs: 2303
number of botnet IPs notified to network operators: 2170
number of spam blocked: 113176
recipient count of spam blocked: 3193085

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET1204
2UNICOM-ZJ93
3CHINANET-GD48
4WASU41
5CHINANET-HB36
6VNPT-VNNIC-VN30
7CRTC25
8UNICOM-GD24
9WASU-BB19
10OCN17

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1Taiwan1211
2China455
3United States61
4India51
5Russian Federation50
6Viet Nam46
7Brazil32
8South Korea30
9Indonesia23
10Japan21

Sunday, July 20, 2014

Suspected Bot List [2014-07-19]

detection period: 2014-07-19 00:00-23:59 UTC
number of suspected bots' IPs listed here: 206

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
AL217.24.253.251Albania
BD180.211.180.18Bangladesh
CL200.111.103.74Chile
CO190.60.39.186Colombia
GB176.35.77.154United Kingdom
IN59.90.91.95India
IN125.17.32.130India
IN202.62.67.250India
IN203.90.114.228India
IN210.212.97.179India
IR91.98.147.62Iran
IR94.182.162.242Iran
IT37.186.201.149Italy
IT95.227.105.203Italy
LB194.126.140.247Lebanon
MX201.116.227.163Mexico
MX201.132.203.42Mexico
PH58.69.100.234Philippines
RU109.167.201.26Russian Federation
SA94.77.199.148Saudi Arabia
SE80.78.31.131Sweden
SG116.251.209.131Singapore
TR193.255.143.62Turkey
TR193.255.143.63Turkey
US50.201.42.106United States
US69.64.32.128United States
US174.139.180.186United States
US199.217.113.176United States
VE190.202.116.101Venezuela
ZW41.220.28.138Zimbabwe

List from greylisting:

Botnet Statistics [2014-07-19]

detection period: 2014-07-19 00:00-23:59 UTC
total number of suspected botnet IPs: 2934
number of botnet IPs notified to network operators: 2728
number of spam blocked: 92830
recipient count of spam blocked: 3004392

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET1220
2CHINANET-GD232
3UNICOM-HN175
4CRTC148
5UNICOM78
6UNICOM-GD36
7CHINANET-HB34
8BSNLNET27
9UNICOM-BJ20
10BHARTI-IN14

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1Taiwan1227
2China849
3Russian Federation111
4India107
5United States54
6Brazil43
7Indonesia40
8United Kingdom35
9Viet Nam29
10Iran22

Saturday, July 19, 2014

Suspected Bot List [2014-07-18]

detection period: 2014-07-18 00:00-23:59 UTC
number of suspected bots' IPs listed here: 134

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
AL217.24.253.251Albania
AR200.42.142.234Argentina
BD180.211.180.18Bangladesh
CL200.111.103.74Chile
CO190.60.39.186Colombia
EG41.33.169.36Egypt
GB176.35.77.154United Kingdom
IN59.90.91.95India
IN122.160.239.46India
IN125.17.32.130India
IN202.62.67.250India
IN203.90.114.228India
IN210.212.97.179India
IR91.98.147.62Iran
IR94.182.162.242Iran
IT37.186.201.149Italy
IT95.227.105.203Italy
LB194.126.140.247Lebanon
MX201.116.227.163Mexico
MX201.132.203.42Mexico
NG193.238.29.148Nigeria
PH58.69.100.234Philippines
RU109.167.201.26Russian Federation
SA94.77.199.148Saudi Arabia
SE80.78.31.131Sweden
SG116.251.209.131Singapore
TR193.255.143.62Turkey
TR193.255.143.63Turkey
US50.201.42.106United States
US68.189.142.171United States
US69.64.32.128United States
US174.139.180.186United States
US199.217.113.176United States
VE190.202.116.101Venezuela
ZW41.220.28.138Zimbabwe

List from greylisting:

Botnet Statistics [2014-07-18]

detection period: 2014-07-18 00:00-23:59 UTC
total number of suspected botnet IPs: 2709
number of botnet IPs notified to network operators: 2575
number of spam blocked: 118986
recipient count of spam blocked: 3377124

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET1218
2UNICOM-HN224
3UNICOM129
4CHINANET-GD116
5CRTC69
6UNICOM-ZJ66
7UNICOM-GD33
8CHINANET-HB27
9WASU22
10HTXX13

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1Taiwan1226
2China852
3Russian Federation77
4United States61
5Brazil43
6India40
7Indonesia30
8United Kingdom23
9Viet Nam22
10Thailand18

Friday, July 18, 2014

Suspected Bot List [2014-07-17]

detection period: 2014-07-17 00:00-23:59 UTC
number of suspected bots' IPs listed here: 93

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
AL217.24.253.251Albania
AR200.42.142.234Argentina
BD180.211.180.18Bangladesh
CA66.154.119.21Canada
CL200.111.103.74Chile
CO190.60.39.186Colombia
GB176.35.77.154United Kingdom
IN59.90.91.95India
IN117.247.241.27India
IN122.160.239.46India
IN125.17.32.130India
IN182.72.57.212India
IN202.62.67.250India
IN203.90.114.228India
IN210.212.97.179India
IR91.98.147.62Iran
IR94.182.162.242Iran
IT37.186.201.149Italy
IT95.227.105.203Italy
LB194.126.140.247Lebanon
MX201.116.227.163Mexico
MX201.132.203.42Mexico
NG193.238.29.148Nigeria
PH58.69.100.234Philippines
RU109.167.201.26Russian Federation
SA94.77.199.148Saudi Arabia
SE80.78.31.131Sweden
SG116.251.209.131Singapore
TR193.255.143.62Turkey
TR193.255.143.63Turkey
UA81.95.177.107Ukraine
US50.201.42.106United States
US68.189.142.171United States
US69.64.32.128United States
US69.85.93.70United States
US174.139.180.186United States
US199.217.113.176United States
UZ89.236.219.220Uzbekistan
VE190.202.116.101Venezuela
ZW41.220.28.138Zimbabwe

List from greylisting:

Botnet Statistics [2014-07-17]

detection period: 2014-07-17 00:00-23:59 UTC
total number of suspected botnet IPs: 2488
number of botnet IPs notified to network operators: 2396
number of spam blocked: 95063
recipient count of spam blocked: 3115094

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET1175
2CRTC126
3CHINANET-GD124
4UNICOM-HN113
5UNICOM-ZJ99
6UNICOM73
7CHINANET-HB48
8UNICOM-GD41
9WASU38
10WASU-BB24

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1Taiwan1184
2China849
3United States62
4Russian Federation49
5Brazil44
6Indonesia26
7Italy20
8India19
9Ukraine16
10Thailand14

Thursday, July 17, 2014

Suspected Bot List [2014-07-16]

detection period: 2014-07-16 00:00-23:59 UTC
number of suspected bots' IPs listed here: 83

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
AL217.24.253.251Albania
AR200.42.142.234Argentina
AR200.63.164.22Argentina
BD180.211.180.18Bangladesh
CA66.154.119.21Canada
CL200.111.103.74Chile
CO190.60.39.186Colombia
EG41.33.169.36Egypt
GB176.35.77.154United Kingdom
IN27.5.97.88India
IN59.90.91.95India
IN117.247.241.27India
IN122.160.239.46India
IN125.17.32.130India
IN202.62.67.250India
IN203.90.114.228India
IN210.212.97.179India
IR91.98.147.62Iran
IR94.182.162.242Iran
IT37.186.201.149Italy
IT95.227.105.203Italy
MX201.116.227.163Mexico
MX201.132.203.42Mexico
PH58.69.100.234Philippines
RU109.167.201.26Russian Federation
SA94.77.199.148Saudi Arabia
SG116.251.209.131Singapore
TR193.255.143.62Turkey
TR193.255.143.63Turkey
UA81.95.177.107Ukraine
US50.201.42.106United States
US68.189.142.171United States
US199.217.113.176United States
UZ89.236.219.220Uzbekistan
VE190.202.116.101Venezuela
ZW41.220.28.138Zimbabwe

List from greylisting:

Botnet Statistics [2014-07-16]

detection period: 2014-07-16 00:00-23:59 UTC
total number of suspected botnet IPs: 2322
number of botnet IPs notified to network operators: 2239
number of spam blocked: 113889
recipient count of spam blocked: 3014491

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET1221
2CHINANET-GD172
3CRTC155
4UNICOM-ZJ76
5WASU34
6CHINANET-JS31
7CHINANET-HB29
8UNICOM-GD28
9WASU-BB15
10UNICOM-BJ14

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1Taiwan1231
2China672
3Russian Federation66
4United States37
5Brazil32
6India25
7Indonesia24
8Italy15
9Ukraine13
10Turkey11

Wednesday, July 16, 2014

Suspected Bot List [2014-07-15]

detection period: 2014-07-15 00:00-23:59 UTC
number of suspected bots' IPs listed here: 63

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
AL217.24.253.251Albania
AR200.42.142.234Argentina
BD180.211.180.18Bangladesh
CA66.154.119.21Canada
CL200.111.103.74Chile
CO190.60.39.186Colombia
IN59.90.91.95India
IN203.90.114.228India
IN210.212.97.179India
IR91.98.147.62Iran
IR94.182.162.242Iran
IT37.186.201.149Italy
IT95.227.105.203Italy
MX200.94.17.244Mexico
MX201.116.227.163Mexico
MX201.132.203.42Mexico
PH58.69.100.234Philippines
PH121.96.88.55Philippines
SA94.77.199.148Saudi Arabia
TR193.255.143.62Turkey
TR193.255.143.63Turkey
US50.201.42.106United States
VE190.202.116.101Venezuela
ZW41.220.28.138Zimbabwe

List from greylisting:

Botnet Statistics [2014-07-15]

detection period: 2014-07-15 00:00-23:59 UTC
total number of suspected botnet IPs: 2118
number of botnet IPs notified to network operators: 2055
number of spam blocked: 81968
recipient count of spam blocked: 2538511

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET1204
2UNICOM-ZJ139
3CRTC127
4CHINANET-GD64
5CHINANET-HB36
6CHINANET-JS29
7UNICOM-GD22
8WASU19
9UNICOM-BJ13
10WASU-BB9

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1Taiwan1209
2China567
3United States38
4Russian Federation38
5Brazil27
6India22
7Indonesia16
8Ukraine14
9Viet Nam12
10Iran12

Tuesday, July 15, 2014

Suspected Bot List [2014-07-14]

detection period: 2014-07-14 00:00-23:59 UTC
number of suspected bots' IPs listed here: 99

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
AL217.24.253.251Albania
AR200.42.142.234Argentina
BD180.211.180.18Bangladesh
CA66.154.119.21Canada
CL200.111.103.74Chile
CO190.60.39.186Colombia
GB176.35.77.154United Kingdom
IN59.90.91.95India
IN203.90.114.228India
IR91.98.147.62Iran
IR94.182.162.242Iran
IT37.186.201.149Italy
IT95.227.105.203Italy
MX200.94.17.244Mexico
MX201.116.227.163Mexico
MX201.132.203.42Mexico
PH58.69.100.234Philippines
SA94.77.199.148Saudi Arabia
TR193.255.143.62Turkey
TR193.255.143.63Turkey
US50.201.42.106United States
VE190.202.116.101Venezuela
ZW41.220.28.138Zimbabwe

List from greylisting:

Botnet Statistics [2014-07-14]

detection period: 2014-07-14 00:00-23:59 UTC
total number of suspected botnet IPs: 2147
number of botnet IPs notified to network operators: 2049
number of spam blocked: 84183
recipient count of spam blocked: 2533689

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET1199
2CRTC128
3CHINANET-GD94
4UNICOM-HN84
5UNICOM28
6CHINANET-JS24
7UNICOM-ZJ21
8UNICOM-GD20
9UNICOM-BJ19
10CHINANET-HB16

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1Taiwan1202
2China553
3Brazil45
4Russian Federation38
5United States32
6Indonesia20
7Italy18
8Viet Nam17
9Argentina17
10Spain14

Monday, July 14, 2014

Suspected Bot List [2014-07-13]

detection period: 2014-07-13 00:00-23:59 UTC
number of suspected bots' IPs listed here: 81

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
AL217.24.253.251Albania
AR200.42.142.234Argentina
BD180.211.180.18Bangladesh
CA66.154.119.21Canada
CL200.111.103.74Chile
CO190.60.39.186Colombia
GB176.35.77.154United Kingdom
HN190.107.140.77Honduras
IN59.90.91.95India
IN202.62.67.250India
IN203.90.114.228India
IR91.98.147.62Iran
IR94.182.162.242Iran
IT95.227.105.203Italy
LB194.126.140.247Lebanon
MX200.94.17.244Mexico
MX201.116.227.163Mexico
MX201.132.203.42Mexico
PH58.69.100.234Philippines
PH121.96.88.55Philippines
SA94.77.199.148Saudi Arabia
TR193.255.143.62Turkey
TR193.255.143.63Turkey
US50.201.42.106United States
US68.189.142.171United States
US162.144.54.129United States
US199.217.113.176United States
VE190.202.116.101Venezuela
ZW41.220.28.138Zimbabwe

List from greylisting:

Botnet Statistics [2014-07-13]

detection period: 2014-07-13 00:00-23:59 UTC
total number of suspected botnet IPs: 2398
number of botnet IPs notified to network operators: 2317
number of spam blocked: 110997
recipient count of spam blocked: 2982523

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET1161
2UNICOM-HN169
3CRTC126
4UNICOM-ZJ110
5CHINANET-GD96
6UNICOM88
7UNICOM-GD26
8VNPT-VNNIC-VN24
9UNICOM-BJ19
10CHINANET-HB19

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1Taiwan1168
2China782
3Russian Federation54
4United States44
5Viet Nam42
6Brazil29
7Indonesia26
8Ukraine18
9Thailand18
10India16

Sunday, July 13, 2014

Suspected Bot List [2014-07-12]

detection period: 2014-07-12 00:00-23:59 UTC
number of suspected bots' IPs listed here: 104

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
AL217.24.253.251Albania
AR200.42.142.234Argentina
BD180.211.180.18Bangladesh
BO190.129.58.252Bolivia
CL200.111.103.74Chile
CO190.60.39.186Colombia
GB176.35.77.154United Kingdom
HN190.107.140.77Honduras
IN59.90.91.95India
IN122.160.239.46India
IN125.17.32.130India
IN202.62.67.250India
IN203.90.114.228India
IR91.98.147.62Iran
IT37.186.201.149Italy
IT95.227.105.203Italy
LB194.126.140.247Lebanon
MX200.94.17.244Mexico
MX201.116.227.163Mexico
PK103.4.92.88Pakistan
SA94.77.199.148Saudi Arabia
TR193.255.143.62Turkey
TR193.255.143.63Turkey
US50.201.42.106United States
US68.189.142.171United States
US162.144.54.129United States
US199.217.113.176United States
VE190.202.116.101Venezuela
ZW41.220.28.138Zimbabwe

List from greylisting:

Botnet Statistics [2014-07-12]

detection period: 2014-07-12 00:00-23:59 UTC
total number of suspected botnet IPs: 2504
number of botnet IPs notified to network operators: 2400
number of spam blocked: 103350
recipient count of spam blocked: 3073282

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET1212
2UNICOM-HN173
3CRTC118
4UNICOM-ZJ114
5UNICOM89
6CHINANET-GD52
7VNPT-VNNIC-VN46
8UNICOM-GD33
9WASU18
10VIETEL-VNNIC-VN17

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1Taiwan1221
2China749
3Viet Nam71
4Russian Federation56
5Brazil43
6United States41
7Argentina30
8France20
9Ukraine19
10Italy18

Saturday, July 12, 2014

Suspected Bots' IP List for July 2014

To encourage cyber security information sharing (as some form of open data) while still giving victims enough time to clean up their computers, the IP list of suspected infected computers will be released here (as shown below) 10 days after its respective botnet statistics gets published.

New data will be added here daily. You are free to use them to create more effective defenses, discover latest trends in cyber attacks, etc.

Suspected Bots IP [2014-07-31]
Suspected Bots IP [2014-07-30]
Suspected Bots IP [2014-07-29]
Suspected Bots IP [2014-07-28]
Suspected Bots IP [2014-07-27]
Suspected Bots IP [2014-07-26]
Suspected Bots IP [2014-07-25]
Suspected Bots IP [2014-07-24]
Suspected Bots IP [2014-07-23]
Suspected Bots IP [2014-07-22]
Suspected Bots IP [2014-07-21]
Suspected Bots IP [2014-07-20]
Suspected Bots IP [2014-07-19]
Suspected Bots IP [2014-07-18]
Suspected Bots IP [2014-07-17]
Suspected Bots IP [2014-07-16]
Suspected Bots IP [2014-07-15]
Suspected Bots IP [2014-07-14]
Suspected Bots IP [2014-07-13]
Suspected Bots IP [2014-07-12]
Suspected Bots IP [2014-07-11]
Suspected Bots IP [2014-07-10]
Suspected Bots IP [2014-07-09]
Suspected Bots IP [2014-07-08]
Suspected Bots IP [2014-07-07]
Suspected Bots IP [2014-07-06]
Suspected Bots IP [2014-07-05]
Suspected Bots IP [2014-07-04]
Suspected Bots IP [2014-07-03]
Suspected Bots IP [2014-07-02]
Suspected Bots IP [2014-07-01]

Suspected Bot List [2014-07-11]

detection period: 2014-07-11 00:00-23:59 UTC
number of suspected bots' IPs listed here: 139

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
AL217.24.253.251Albania
AR200.42.142.234Argentina
AR200.63.164.22Argentina
BD180.211.180.18Bangladesh
BO190.129.58.252Bolivia
CL200.111.103.74Chile
CO190.60.39.186Colombia
ES188.85.36.46Spain
GB176.35.77.154United Kingdom
HN190.107.140.77Honduras
IN59.90.91.95India
IN122.160.239.46India
IN125.17.32.130India
IN202.62.67.250India
IN203.90.114.228India
IR91.98.147.62Iran
IT95.227.105.203Italy
IT95.228.84.117Italy
LB194.126.140.247Lebanon
MX200.94.17.244Mexico
MX201.116.227.163Mexico
NG193.238.29.148Nigeria
PE190.116.62.70Peru
PH121.96.88.55Philippines
PK103.4.92.88Pakistan
RO92.87.210.196Romania
RS89.216.21.136Serbia
SA94.77.199.148Saudi Arabia
TR193.255.143.62Turkey
TR193.255.143.63Turkey
US50.194.34.29United States
US50.201.42.106United States
US66.240.236.121United States
US68.189.142.171United States
US162.144.54.129United States
US199.217.113.176United States
VE190.202.116.101Venezuela
ZA196.41.205.29South Africa
ZW41.220.28.138Zimbabwe

List from greylisting:

Botnet Statistics [2014-07-11]

detection period: 2014-07-11 00:00-23:59 UTC
total number of suspected botnet IPs: 2523
number of botnet IPs notified to network operators: 2384
number of spam blocked: 121504
recipient count of spam blocked: 3226427

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET1219
2CRTC142
3UNICOM-ZJ98
4WASU88
5CHINANET-GD76
6WASU-BB72
7UNICOM-GD39
8CHINANET-JS23
9VNPT-VNNIC-VN22
10UNICOM-BJ15

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1Taiwan1234
2China695
3Russian Federation54
4United States52
5Brazil45
6Viet Nam34
7India32
8Argentina29
9Ukraine22
10Indonesia21

Friday, July 11, 2014

Suspected Bot List [2014-07-10]

detection period: 2014-07-10 00:00-23:59 UTC
number of suspected bots' IPs listed here: 303

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
AL217.24.253.251Albania
AR200.42.142.234Argentina
AR200.59.44.227Argentina
AR200.63.164.22Argentina
BD180.211.180.18Bangladesh
CL200.111.103.74Chile
CL200.111.103.77Chile
ES188.85.36.46Spain
GB176.35.77.154United Kingdom
HN190.107.140.77Honduras
HT200.80.106.38Haiti
IN59.90.91.95India
IN122.160.239.46India
IN122.168.124.73India
IN125.17.32.130India
IN202.62.67.250India
IN203.90.114.228India
IN210.212.97.179India
IR91.98.147.62Iran
IR94.182.162.242Iran
IT37.186.201.149Italy
IT85.40.63.218Italy
IT95.227.105.203Italy
IT95.228.84.117Italy
KW62.215.101.132Kuwait
LB194.126.140.247Lebanon
MX200.94.17.244Mexico
MX201.116.227.163Mexico
NG193.238.29.148Nigeria
PE190.116.62.70Peru
PH121.96.88.55Philippines
PK103.4.92.88Pakistan
RO92.87.210.196Romania
RS89.216.21.136Serbia
RU109.167.201.26Russian Federation
SA94.77.199.148Saudi Arabia
TR193.255.143.62Turkey
TR193.255.143.63Turkey
US50.194.34.29United States
US50.201.42.106United States
US50.244.253.9United States
US66.240.236.121United States
US68.189.142.171United States
US162.144.54.129United States
US199.217.113.176United States
VE190.202.116.101Venezuela
ZA196.28.31.245South Africa
ZA196.41.205.29South Africa
ZA196.46.142.79South Africa
ZW41.220.28.138Zimbabwe

List from greylisting:

Botnet Statistics [2014-07-10]

detection period: 2014-07-10 00:00-23:59 UTC
total number of suspected botnet IPs: 3072
number of botnet IPs notified to network operators: 2769
number of spam blocked: 121897
recipient count of spam blocked: 3936749

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET1204
2UNICOM-ZJ129
3VNPT-VNNIC-VN125
4CRTC125
5WASU104
6CHINANET-GD59
7WASU-BB53
8KORNET-KR36
9AR-TEAR7-LACNIC31
10PE-TPSA-LACNIC24

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1Taiwan1225
2China671
3Viet Nam193
4South Korea87
5Peru59
6Brazil57
7Russian Federation56
8United States55
9Argentina55
10India47