Custom Search

Tuesday, April 6, 2010

Botnet Statistics for July 2009

The following is collected from two vpses of mine. I tried to keep at least two vpses running at the same time. If an unexpected hardware or network problem hits one vps, I still have something on the other one to report.

detection period: 2009-07-01 00:00 - 2009-07-31 23:59 UTC
total number of suspected botnet IPs: 78186
number of blocked spams: 2465875
recipient count of blocked spams: 54559064

The top 25 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1Taiwan19257
2India18531
3Brazil12300
4China10100
5Argentina7297
6Russian Federation2392
7Uruguay939
8Ukraine667
9Chile624
10Hong Kong585
11Mexico541
12Ethiopia464
13Colombia406
14United States294
15Thailand273
16Algeria236
17Kazakhstan235
18Germany234
19South Korea175
20Belarus168
21Japan143
22Indonesia137
23Turkey134
24Italy129
25Costa Rica124

The top 25 countries (as defined by the 2-character country code), ordered by number of blocked spams are:

RankCountry# of blocked spams
1Taiwan1036100
2China449094
3Brazil229515
4India171946
5Argentina96138
6Malaysia91380
7Russian Federation53137
8United States35679
9Hong Kong23099
10Ukraine22541
11Indonesia18734
12Germany18535
13Colombia18459
14Poland16696
15France15755
16Thailand15580
17South Korea14999
18Chile10815
19Iran9416
20Bulgaria9097
21Venezuela8474
22Viet Nam7022
23Uruguay7001
24United Kingdom5797
25Spain5428

The top 25 countries (as defined by the 2-character country code), ordered by recipient count of blocked spams are:

RankCountryrecipient count of blocked spams
1Taiwan12073134
2China12039776
3Brazil7562266
4India5677884
5Argentina3290320
6Russian Federation1723848
7Malaysia1568184
8United States990733
9Hong Kong753180
10Ukraine725080
11Colombia614611
12Germany611783
13Indonesia576531
14Poland552982
15France507054
16Thailand494366
17South Korea470731
18Chile369304
19Iran301053
20Bulgaria296226
21Venezuela292595
22Uruguay237960
23Viet Nam225930
24Italy161234
25Spain158582

The top 25 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1BSNLNET13832
2HINET-NET10156
3APOL-NET7596
4AR-TEAR7-LACNIC6204
5002.558.157/0001-624146
6002.558.134/0001-582538
7002.449.992/0001-642065
8UNICOM-SD1814
9TATACOMM-IN1516
10040.432.544/0001-471252
11TFN-NET1108
12CHINANET-GD1049
13RCOM994
14UY-ANTA-LACNIC931
15HATHWAY-NET734
16CHINANET-ZJ-WZ606
17UKRTELNET584
18UNICOM-HE579
19HGC571
20UNICOM-LN569
21000.065.376/0002-65558
22ETHIONET464
23UNICOM-HA453
24RU-AVANGARD-DSL437
25CL-TNCS-LACNIC429

The top 25 networks (as found in WHOIS), ordered by number of blocked spams are:

RankNetwork# of blocked spams
1HINET-NET800119
2APOL-NET175964
3CHINANET-ZJ-WZ114462
4BSNLNET93464
5AR-TEAR7-LACNIC57145
6TMIDC-MY54562
7UNICOM-SD48920
8002.558.157/0001-6248508
9TFN-NET39915
10EASTGATE31116
11002.558.134/0001-5827454
12000.065.376/0002-6526132
13UNICOM-HA23796
14UNICOM-HE22041
15076.535.764/0326-9021756
16RCOM21435
17HGC21280
18033.530.486/0001-2921123
19TATACOMM-IN19682
20002.449.992/0001-6418117
21UNICOM-BJ16819
22CHINANET-GD15910
23AR-CASA10-LACNIC12800
24PL-TPSA-2003120311877
25AR-PRSA-LACNIC11792

The top 25 networks (as found in WHOIS), ordered by recipient count of blocked spams are:

RankNetworkrecipient count of blocked spams
1HINET-NET9426191
2BSNLNET3135680
3AR-TEAR7-LACNIC1969305
4CHINANET-ZJ-WZ1807727
5002.558.157/0001-621625106
6UNICOM-SD1595763
7APOL-NET1425467
8002.558.134/0001-58931675
9TMIDC-MY873808
10000.065.376/0002-65838355
11UNICOM-HA730155
12076.535.764/0326-90706698
13HGC697018
14UNICOM-HE682252
15RCOM678094
16TATACOMM-IN652549
17033.530.486/0001-29647735
18002.449.992/0001-64623067
19TFN-NET596687
20UNICOM-BJ560528
21EASTGATE497856
22AR-CASA10-LACNIC442958
23AR-PRSA-LACNIC411276
24PL-TPSA-20031203406389
25UKRTELNET387057

No comments:

Post a Comment