03/16/2010
More than 300 Botnet control and command servers on Belgian networks
These reports are based off of all the active and inactive Command and Control (C&C) points that we have tracked and are currently tracking. The columns are defined as follows:
- Number - The total number of C&C's hosted within that geographical area
- Closed - What percent of the C&C's that are now inactive
- CC DDOS - The number of DDOS attacks issued from that C&C's within that geographical area
- CC Scans - The number of scans into other networks the C&C's issues from that geographical area
- CC CHosts - The number of successful compromises completed by that C&C's within that geographical area
- TGT DDOS - The number of DDOS attacks that were targeted to this geographical area
- TGT Scans - The number of scans that were targeted to this geographical area
- TGT CHosts - The number of hosts compromised within this geographical area
| GeoLoc | Number | Closed | CC DDoS | CC Scans | CC CHosts | TGT DDoS | TGT Scans | TGT CHosts | URLs |
| US | 7012 | 57% | 348583 | 2290396 | 126182 | 872171 | 3653202 | 259101 | 7257064 |
| NL | 1946 | 29% | 607988 | 3859 | 53 | 119923 | 249789 | 4494 | 423647 |
| DE | 1503 | 63% | 111513 | 6275024 | 127807 | 76321 | 398476 | 81534 | 1953393 |
| CA | 1367 | 39% | 6042 | 28038 | 530336 | 205571 | 239277 | 10964 | 1809400 |
| UK | 1220 | 37% | 109867 | 30956 | 3685 | 52313 | 466625 | 34711 | 622445 |
| SE | 1213 | 13% | 1904 | 5950 | 4821 | 48352 | 197536 | 4267 | 50680 |
| FR | 642 | 37% | 6958 | 121504 | 1184 | 15702 | 196605 | 46805 | 175165 |
| CN | 503 | 84% | 3249024 | 2562609 | 21665 | 2752972 | 434248 | 119698 | 473198 |
| HU | 485 | 9% | 1516 | 1138 | 5 | 799 | 76215 | 6489 | 20581 |
| FI | 466 | 3% | 27 | 0 | 0 | 740 | 115123 | 1376 | 19842 |
| NO | 448 | 10% | 180 | 167 | 0 | 460 | 49944 | 898 | 17789 |
| KR | 409 | 80% | 8695 | 81275 | 141636 | 4213 | 450211 | 12391 | 176560 |
| BE | 375 | 7% | 17474 | 13221 | 2985 | 514 | 44970 | 3816 | 12202 |
| JP | 323 | 57% | 1984 | 37006 | 18283 | 1308 | 304820 | 31843 | 376058 |
| TR | 250 | 64% | 9614 | 28058 | 548 | 4673 | 64583 | 5630 | 368193 |
We should keep also in mind that China (CN) is a dictatorship so closing down a server is quite easy if they want to do it.
Japan has also a higher closing down percentage but that is because they have a CERT that is only doing that.
Belgium has a very low closing down percentage for botnet command and control servers.
The result is that we have DDOS attacks, infection scans and other malware traffic on our networks and going to other networks. As long as nobody sues you for damages, you can take it lightly, but the very low number of closed C&C may one day be used against you as neglicence.
10:54 | Permalink | Comments (0) | Email this
| 
| 
del.icio.us
|
| 
Digg | 
Facebook
Post a comment