Thursday, July 3, 2008

ASPROX Botnet Fingerprinted: 11,816 Zombies

Today at 2pm CST I launched a massive query on our widespread network of Sentinel IPS appliances pulling unique source IP's from the ASPROX SQL Injection attacks.

Now we have an idea of size, location of zombies and a giant block list which we have made available right here

**Update** This is a list of infected machines emanating the SQL Injection attacks, not the number of compromised ASP websites, which is much higher nearing 100,000.

Was fun to whip up this geo-map of ASPROX's zombies...

1 comment:

Anonymous said...

To help in resisting zombie attacks we have started to post the infected IP addresses in near real time on a website. For those that may find this of benefit, here it is.