Category Archives: botnet

Darkmailer2 month in Canada December 2012

December 2012 Canada from CBL data It’s apparently Darkmailer2 month in Canada. One company got a grip on it, and two got much worse, in the December 2012 for Canada Canada.

AS 7788 MAGMA-COMM, bought in 2004 by PRIMUS Telecommunications Group, peaked in the second week and then got a grip on its darkmailer2 spamming. AS 11342 PATHWAY really gave AS 32613 IWEB-AS a run for its money; both seem to have a darkmailer2 problem. Pathway went from 2,871 spam messages seen by CBL in November 2012 to 21,593,775 in December 2012: that’s 7,521 times. However, iWeb once again won the spam-spewing month in Canada!

Congratulations to the four dropouts, especially AS 16532 ASB2B2C, which Continue reading

Festi botnet in July 2012 U.S. Medical from CBL

AS 122 U-PGH-NET-AS The curve that took University of Pittsburgh Medical Center‘s AS 122 U-PGH-NET-AS to number one in the July 2012 U.S. from CBL data is almost completely explained by Festi botnet, except for one day, plus the small curve at the beginning of the month was apparently caused by Grum botnet.

AS 17311 ECMC-BGP was infested with Festi (blue curve on the right) at the same time as AS 122, and AS 17311 earlier had a Cutwail botnet

Continue reading