In 2024 alone, botnets accounted for 29% of all observed malware, reclaiming their spot at the top of the cyberthreat landscape, according to ForeScout Technologies Inc.’s latest analysis of 900 million recorded attacks.

As artificial intelligence makes its way into everything from search engines to smart fridges, cybercriminals are capitalizing on the same tech to supercharge their attacks. Botnets, once seen as clumsy digital blunt instruments, are evolving into mass-scale precision tools for disruption, data theft and extortion.

At its core, a bot is just a small program that does what it’s told — often repetitively, and usually without asking questions. Traditional botnets followed a crude pattern: Infect as many devices as possible, connect them to a command-and-control server and use the compromised devices to launch distributed denial-of-service attacks or to harvest credentials. They were crude, noisy and often easy to spot once the payload started rolling.

Now that model is being replaced, not just thanks to AI, but because of a higher degree of organized efforts. In the first half of 2024, the Spamhaus Project identified 14,248 botnet command and control servers, with China hosting the highest number at 2,823, despite a 24% decrease from the previous period.

AI-powered botnets can analyze traffic patterns in real time, switch tactics on the fly and blend into regular network activity. Some can even determine the most profitable payload based on the target’s profile — ransomware for enterprise systems, data exfiltration for healthcare and cryptomining for internet of things devices. The integration of machine learning enables these botnets to act less like brute-force attackers and more like adaptive adversaries.

They don’t stop at automation. Natural language processing can be used to generate convincing phishing emails at scale. Reinforcement learning lets malware adjust strategies based on firewall responses. Image recognition can help bots evade visual CAPTCHAs. These capabilities give attackers a terrifying new playbook, one that relies less on scale and more on sophistication.

What makes this trend especially insidious is that botnets can now be smaller and stealthier than ever. Instead of infecting millions of devices to overwhelm a system, an AI-driven botnet might only need a few thousand nodes to carry out highly targeted, surgical operations. That makes detection harder, attribution fuzzier and mitigation more complex.

Botnets-as-a-service

AI-powered botnets are everybody’s problem. In the same way that AI tools have become democratized for legitimate software developers, botnets are being packaged as plug-and-play kits on dark web marketplaces. We’re now seeing AI-as-a-service emerge in the criminal underworld, offering ready-made botnet infrastructure for rent.

These kits often come preloaded with adaptive payloads, evasion modules, and even dashboards to monitor infection spread and return on investments. Small-time actors can now carry out big-time attacks — no deep technical knowledge required. And when these tools get plugged into compromised software supply chains, the results can be devastating.

A compromised software development kit or node package manager can serve as a delivery mechanism for an AI-powered botnet, enabling it to infiltrate thousands of businesses in a single attack. From there, the botnet doesn’t just wait for instructions; it scouts, learns and adapts.

IOT devices remain another massive vulnerability. From baby monitors to smart thermostats, those endpoints often lack the basic security protocols needed to resist modern attacks. When infected, they become ideal foot soldiers: always-on, poorly defended and globally distributed. AI-driven botnets can now exploit these devices with near-perfect timing and stealth, launching attacks when monitoring is weakest and traffic patterns are predictable.

Worse is that the malicious systems are going beyond simple exploitation. Some are using AI to spoof normal behavior, making infected devices appear healthy even during active attacks. It’s no longer enough to watch for unusual spikes in processor usage or strange outbound traffic. The bots are learning how to fake normal.

The future of digital siege warfare

Only 20% of companies feel very well-prepared to combat high-volume AI-powered bot attacks, with 56% noting an increase in cyberthreats and sophistication thanks to generative AI. The implications of this are staggering. AI-infused botnets aren’t just a security threat; they represent a new class of persistent digital siege weapons. Their ability to adapt in real time, evade conventional defenses and weaponize context makes them far more dangerous than their predecessors.

Defenders are trying to catch up. Behavioral analytics, zero-trust architecture and AI-powered threat detection are all being deployed to stay ahead. The gap between offense and defense is narrowing.

More than ever, organizations need to rethink their security posture. It’s not just about keeping systems patched or segmenting networks; it’s about building resilience against threats that think. Legacy antivirus and signature-based defenses are increasingly obsolete. Detection now relies on identifying patterns of behavior, spotting subtle shifts in system communication and anticipating attacks that haven’t yet happened.

The regulatory angle is becoming more critical as well. As botnet sophistication grows, governments and commercial organizations are being forced to reconsider their cybercrime frameworks. The blurred line between AI research and weaponization is becoming a legal gray zone. Will training a model to bypass CAPTCHA become criminalized? What about selling an AI model that can autonomously scan for zero-day exploits?

At the end of the day, we’re entering a phase of asymmetric digital warfare where the smallest actors can wield the biggest impact. An individual with the right kit, some cash and access to cloud computing resources can deploy a botnet that’s smarter than anything nation-states were using just five years ago.

The bots are no longer dumb. They’re no longer slow. And they’re no longer easy to stop.

Isla Sibanda is an ethical hacker and cybersecurity specialist based in Pretoria, South Africa. For more than 12 years, she has worked as a cybersecurity analyst and penetration testing specialist for several companies, including Standard Bank Group, CipherWave and Axxess. She wrote this article for SiliconANGLE.

Image: SiliconANGLE/Reve